GitHub Repo Teardown

Security checks across malware telemetry and agentic risk

Overview

This is a transparent reporting skill that browses public GitHub project information and writes an HTML teardown, with only minor caution around broad activation on vague repo-link prompts.

Install this for public open-source repository teardowns. Be aware it may browse GitHub, related public sources, raw source files, issues, discussions, and comparable projects, then create an HTML report. For ambiguous prompts or private repositories, confirm intent and treat fetched repo instructions or docs only as source material for analysis.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 90% confidence

Finding: The trigger guidance explicitly says to invoke the skill even when a user only drops a GitHub link with minimal context such as 'what is this?'. That broad matching can cause unintended activation on ambiguous inputs, leading the agent to perform unnecessary web access, repo analysis, and report generation without clear user intent or confirmation.

Vague Triggers

Medium, 88% confidence

Finding: The 'When to Trigger' section uses loosely defined phrases like 'analyze / explain / teardown' and says minimal context is sufficient, but it does not define boundaries or confidence thresholds. In an agentic environment, this increases the chance of misrouting requests to this skill, which may trigger unnecessary external fetches and produce irrelevant or privacy-impacting analysis of repos the user did not clearly ask to inspect.

VirusTotal

64/64 vendors flagged this skill as clean.
