ClawHub

Debugging R Environment And Dependencies

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed R troubleshooting skill; it can suggest system and project environment changes, but those actions fit its stated purpose and there is no hidden code or exfiltration behavior.

Install this only if you want an agent to help repair R environments. Review and explicitly approve any sudo, brew, dnf, R package reinstall, renv restore/update, lockfile rebuild, library cleanup, or PATH/permission change, and back up important project files such as renv.lock first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly describes actions that modify the host environment, including installing system packages and retrying package installation, but does not warn that these steps can change system state or require user confirmation. In an agent setting, this increases the risk of unintended environment modification, especially if the agent applies fixes automatically on the user's machine.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly proposes system-modifying actions such as installing compilers, development libraries, repairing environments, and reinitializing project libraries, but it does not warn the user that these steps may alter the local machine or project state. In a troubleshooting skill, such actions are contextually relevant, but without an explicit confirmation/preview requirement they can lead to unintended package, system, or reproducibility changes.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README explicitly instructs the skill to run state-changing dependency management actions like `renv::restore()` or `renv::update()` and to decide whether to update the lockfile or downgrade R, but it does not require confirmation, backup, or warning about modifying project state. In an agent setting, this can lead to unintended package changes, lockfile drift, or environment breakage when a user only intended diagnosis rather than remediation.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The invocation phrase `"renv restore is broken, please fix it"` is broad and resembles a normal troubleshooting request, making accidental triggering more likely in unrelated conversations about R environments. If matched automatically by an agent framework, it could activate a skill that performs environment modifications without sufficiently clear user intent for destructive or state-changing actions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal