Vet Repo

Security checks across malware telemetry and agentic risk

Overview

This is a coherent repository security scanner, with a disclosure note about an unused package-registry lookup helper included in its shared code.

Install only if you are comfortable running a local security scanner over the target repository. For sensitive private repositories, note that the normal vet-repo path appears local-only, but the bundled shared module contains a package-registry verification helper that could contact npm or PyPI if separately invoked.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
77% confidence
Finding
The skill claims to scan agent configuration files, but the static analysis indicates the associated implementation may also scan broader files and perform outbound package-registry lookups. That mismatch matters because users may invoke the skill expecting a local, repo-scoped audit, while the implementation could inspect additional content or leak metadata externally via network requests.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
This shared module includes live outbound package-registry verification logic even though the skill is described as scanning repository agent configuration files for malicious patterns. The capability broadens the trust and attack surface of the scanner, can leak package names or repo-derived data externally, and creates behavior that is not obviously aligned with the stated purpose.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The Verify_Package function performs outbound HTTP requests to PyPI and npm, which is a real capability expansion beyond static file scanning. In security tooling, unexpected network access is risky because it may disclose scanned artifacts, fail unpredictably, or be abused in restricted environments.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The code performs outbound package-registry requests without any visible warning, prompt, or reporting to the user in this module. Silent network behavior in a scanner undermines transparency and can violate operator expectations or policy constraints.

VirusTotal

64/64 vendors flagged this skill as clean.
