ClawHub

Tech Security Audit

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Nmap-based security-audit skill, but it should only be used on networks the user is authorized to test.

Install this only if you need Nmap-based assessment. Use a trusted Nmap installation, confirm the exact host or CIDR range before running scans, and only scan systems you own or have explicit permission to test.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
try:
        # Run the scan
        result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
        
        if result.returncode != 0:
            return {"error": f"Nmap scan failed with return code {result.returncode}", "stderr": result.stderr}
Confidence
89% confidence
Finding
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The README promotes active network scanning, service enumeration, OS fingerprinting, and vulnerability detection, but it does not clearly warn that these actions can disrupt systems, trigger IDS/IPS controls, violate policy, or require explicit authorization and careful scoping. Even though there is a brief legal notice later, the operational risks are not communicated near the feature and usage sections, which can encourage unsafe or inappropriate use.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises local network scanning and vulnerability assessment capabilities without warning users that scans can be intrusive, trigger IDS/IPS alerts, violate policy, or affect fragile systems. In this context, the omission increases the risk of misuse or accidental unauthorized scanning because users are not prompted to verify authorization, scope, or safety before use.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal