ollama-migrator

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its Ollama migration purpose, but its cleanup option can delete the original models even when verification fails.

Review before installing or running. Use the status check and migration steps first, verify the moved models manually with ollama list and a test run, and avoid --cleanup until you have confirmed the new model path works or have a backup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding
The skill instructs execution of local Python scripts, shell commands, environment variable changes, and a cleanup path that can delete files, but it declares no permissions or capability boundaries. Even though the stated purpose is legitimate system maintenance, the lack of explicit permission declarations increases the risk of unintended file modification, destructive cleanup, or unsafe command execution without adequate user awareness or policy enforcement.

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The script forcibly terminates ollama.exe with taskkill /F, which is a disruptive process-control action that can interrupt other work and cause data loss or service interruption. In this skill context, stopping Ollama may be operationally relevant to migration, but using forced termination without checking ownership, prompting separately, or attempting graceful shutdown makes the behavior more dangerous than necessary.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The script writes a persistent user-level OLLAMA_MODELS environment variable directly into the Windows registry, changing future application behavior beyond the current session. This is a broader system configuration change than a transient migration step, and if the target path is wrong, maliciously chosen, or later becomes inaccessible, it can break Ollama or redirect model usage unexpectedly.

VirusTotal

62/62 vendors flagged this skill as clean.
