Automate

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent automation template library, but some examples can edit many files, publish code, and use stored credentials without enough guardrails.

Review before installing. If used, require explicit approval before running generated scripts, review diffs before any git push or PR, avoid blanket git add -A, add dry-run or backup steps for bulk edits, and replace the generic keychain/API template with service-specific least-privilege credentials and trusted hosts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
The authenticated API template accesses a stored credential from the system keychain and immediately uses it in a network request, despite the skill's broad template context not establishing a clear need or safety boundary for credential use. This increases the chance that users adapt and run credential-bearing scripts without understanding token scope, destination trust, or logging/transmission implications.

Missing User Warnings

Medium
Confidence: 86%
Finding
The batch rename and find/replace templates perform in-place file mutations and renames without safeguards, dry-run modes, or warnings about irreversible changes. In an automation-focused skill, users may copy these patterns quickly and accidentally modify large sets of files, causing data loss or widespread unintended edits.

Missing User Warnings

Medium
Confidence: 90%
Finding
The git templates can stage all changes, create commits, push to a remote, and open a PR without any built-in confirmation or warning about remote publication. This can lead to accidental exfiltration of sensitive files, premature publication of work, or irreversible repository history changes when used as drop-in automation.

Missing User Warnings

High
Confidence: 95%
Finding
The authenticated API and pagination templates both consume stored credentials and transmit authenticated requests over the network without user-facing warnings about token use, endpoint trust, rate limits, or potential data disclosure. In a reusable template library, this is dangerous because it normalizes credentialed network automation as a copy-paste pattern without adequate guardrails.

VirusTotal

66/66 vendors flagged this skill as clean.
