ClawHub

Github Trending Daily

Security checks across malware telemetry and agentic risk

Overview

The skill does what it advertises, but it sends messages by default to a hardcoded DingTalk webhook that the installer may not control.

Install only if you intend it to post GitHub Trending summaries to DingTalk. Before running it, replace the embedded webhook with your own local configuration, use --dry-run or --no-push for testing, and only add the cron entry if you want recurring automated posts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation states that the default command will fetch GitHub Trending data and push it to a DingTalk group, but it does not clearly warn users up front that running the command causes outbound delivery to an external webhook/channel. This creates a transparency and consent problem: users may trigger network egress and external posting by default without realizing it, which is especially risky in automated or shared environments.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The script automatically transmits collected repository information to an external DingTalk webhook, yet the code and user-facing flow do not prominently warn that running it will send data off-host by default. In an agent skill context, silent outbound network transmission is more dangerous because users may execute it expecting a local fetch/report tool, while the embedded webhook causes data disclosure to a third-party destination controlled outside the execution environment.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal