ClawHub

无障碍标签审查与自动修复

Security checks across malware telemetry and agentic risk

Overview

This is a coherent accessibility-fixing skill, but it can automatically edit project files across a broad default scope without requiring a clear preview or confirmation step.

Install only if you are comfortable with a skill that may modify source files. Use it on a branch, specify exact files or folders, ask for report-only mode first, and review diffs and lint/test results before accepting any auto-fixes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README says the skill will 'apply automatic fixes' but does not clearly warn that it may modify project files. In an agentic environment, unclear disclosure around write actions can lead to unintended source changes, especially when combined with broad triggers, causing integrity loss, noisy commits, or accidental breakage in production code.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly states it will automatically apply fixes to files, but it does not require an explicit confirmation step or prominently warn the user before modifying source code. In an agent setting, this can lead to unintended file changes, especially when the scan scope defaults to the current working directory, increasing the risk of silent or overbroad modifications.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The usage guide says the skill can be triggered by broad natural-language phrases and will 'automatically match and start', but it does not define strong activation boundaries or confirmation requirements. In an editor-integrated agent, this can cause unintended invocation on ordinary conversation, leading to unplanned scanning, code changes, or follow-on tool use without the user's explicit intent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The introduction prominently advertises automatic scanning and fixing, but it does not clearly warn at the outset that the skill may modify project files. In practice, users may invoke what they think is an audit/reporting workflow and unexpectedly receive file edits, which is risky in source repositories, especially when combined with broad triggering and recursive scanning behavior.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal