Scan Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent security-scanning skill; its main caveat is that package names found during scans may be checked against PyPI or npm.

Install this if you want a user-invoked skill security scanner, and run it only on directories you intend to review. Avoid scanning private skills that contain confidential internal dependency names if sending those names to PyPI or npm is unacceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill advertised as an individual skill scanner also performs live package-registry lookups via urllib to PyPI/npm. That expands behavior beyond purely local static analysis, creating outbound network activity, privacy leakage about scanned content, and non-deterministic results based on network availability.

Context-Inappropriate Capability

Medium
Confidence: 82%
Finding
Scan_Skill_Patterns includes supply-chain install patterns that are later tied to live registry verification, which broadens the scope of a single-skill analyzer into package reputation checking. In this context it is more a design overreach than direct exploitation, but it can surprise users and trigger unnecessary network follow-up behavior.

Missing User Warnings

Low
Confidence: 88%
Finding
Verify_Package performs outbound requests to public registries without any obvious user-facing disclosure at the API boundary. Even if only package names are queried, that still leaks analysis context externally and may violate expectations for an offline security scan.

VirusTotal

66/66 vendors flagged this skill as clean.
