Fix NPM Vulnerabilities

Audited by ClawScan on May 10, 2026.

Overview

The skill is mostly aligned with fixing npm vulnerabilities, but it tells the agent to silently install global or OS-level tools without asking, which deserves review before use.

Before installing or invoking this skill, make sure you are comfortable with automated git and npm changes. Disable or override the silent auto-install policy, require approval for any npm global, winget, or OS package-manager command, and review all dependency changes on the generated branch before merging.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The command may change dependency files, branches, installed packages, and local build artifacts; if used carelessly, it could remove uncommitted work or create large project changes.

Why it was flagged

The workflow performs high-impact git and dependency operations. These actions are purpose-aligned and partly controlled by confirmation/branching, but users should understand they can substantially alter the working tree.

Skill content
`reverts uncommitted changes (with confirmation)` ... `switches to main, pulls latest, creates a fix branch` ... `runs npm audit fix` ... `removes all node_modules, build caches`

Recommendation

Run only in a backed-up git repository, review the created branch and diff before merging, and do not approve reverting uncommitted work unless you are sure it is safe.

What this means

The agent could install unexpected software or globally modify the development environment, introducing supply-chain risk or leaving persistent tools on the machine.

Why it was flagged

The skill authorizes silent installation of unpinned global or OS-level tools from broad sources, without a declared dependency list or explicit user approval.

Skill content
`Auto-install if low-risk` — `install silently without asking the user` ... `npm install -g <tool>` ... `winget install <tool>` ... `Other package managers as appropriate for the OS`

Recommendation

Require explicit user approval for every install, list the exact allowed tools and versions, prefer project-local pinned dev dependencies, and avoid silent global or OS-level package installation.