Hadoop

Security checks across malware telemetry and agentic risk

Overview

This is a Hadoop administration skill with powerful but disclosed cluster commands and local notes, not hidden or deceptive behavior.

Install only if you want an assistant helping with Hadoop administration using your current cluster permissions. Confirm exact HDFS paths, application IDs, and cluster state before destructive operations, and keep credentials, keytabs, private hostnames, and sensitive production details out of the skill's memory files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Missing User Warnings

Medium
Confidence: 91%
Finding
The document includes permanent deletion commands using -skipTrash but does not explicitly warn that these operations are irreversible and bypass normal recovery paths. In an operational skill for Hadoop administration, this omission increases the chance that an agent or user will run destructive commands in production and cause unrecoverable data loss.

Missing User Warnings

Low
Confidence: 84%
Finding
The snapshot deletion command is documented without noting that deleting a snapshot removes a recovery point. While this is standard admin functionality, omitting the warning can lead to accidental loss of rollback capability during incident response or recovery workflows.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill instructs the assistant to save user preferences and Hadoop environment details to persistent memory early in the interaction, but it does not require clear notice or affirmative consent before doing so. Persisting operational details across sessions can expose sensitive infrastructure information and create privacy and security risks if the stored data is later accessed, leaked, or misused.

Missing User Warnings

Medium
Confidence: 94%
Finding
The setup directs creation of memory files under ~/hadoop/ and cluster-specific files in the user's home directory without warning the user that local files will be created or modified. Writing infrastructure notes and configs to disk can leave sensitive cluster metadata on the host filesystem, increasing exposure to other local users, backups, or compromise of the endpoint.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
Telling the assistant to 'Start the conversation naturally' in a setup flow tied to missing local state encourages the skill to engage and potentially steer into activation without a clear user request. In combination with later instructions to gather and save details, this can lead to unsolicited collection and persistence of operational information.

Ssd 3

Medium
Confidence: 93%
Finding
The skill explicitly says to save the user's answer to MAIN memory for future sessions within the first few exchanges, without a consent or minimization step. Cross-session retention of preferences and environment indicators is a data-governance issue because users may not expect operational context to be stored long-term.

Ssd 3

Medium
Confidence: 96%
Finding
The skill instructs collection and internal storage of detailed Hadoop distribution, cluster names, purposes, workflows, problem areas, and user role, then organizes them into persistent cluster-specific files. In a Hadoop administration context, these are sensitive operational details that could materially aid reconnaissance, targeting, or lateral movement if exposed.

VirusTotal

65/65 vendors flagged this skill as clean.
