Fix Broken Links

Security checks across malware telemetry and agentic risk

Overview

This link-checking skill is coherent and user-directed, but it can send broken URLs to GitHub Copilot for replacement suggestions.

Install only if you are comfortable running scripts that make HTTP requests for URLs in your files. If your repository may contain internal links, private documentation paths, signed URLs, or tokens in query strings, use the deterministic link-checking behavior without Copilot suggestions or review/redact links first. Always inspect suggested replacement URLs before accepting them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The script sends each broken URL to an external `copilot` agent and asks it to discover alternative URLs, including archive and redirect targets. That expands the skill beyond local link auditing into AI-driven external delegation, which can disclose repository link data to a third party and introduce untrusted suggestions directly into an interactive remediation flow.

Context-Inappropriate Capability

Medium
Confidence: 87%
Finding
Delegating URL discovery to an AI CLI gives the skill an unnecessary capability relative to its stated purpose of scanning and interactively fixing links in local files. Because the model is instructed to infer alternatives from its own knowledge and archive sources, it can return incorrect, malicious, or policy-bypassing destinations that the user may accept and write back into project files.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script sends broken-link URLs to the external `copilot` CLI in `Get-AgentAlts` without explicit user consent, warning, or a privacy gate. URLs embedded in repository files can contain sensitive information such as internal hostnames, private paths, pre-signed tokens, or confidential documentation references, so exfiltrating them to a third-party model/service creates a real data-leak risk even though the feature is intended to help repair links.

VirusTotal

63/63 vendors reported this skill as clean.