ClawHub

Git Hooks Toolkit

Security checks across malware telemetry and agentic risk

Overview

This skill installs repository-local Git hooks that can run local tools automatically, but that behavior is disclosed and matches the stated purpose.

Preview each template before installing it, avoid --force unless you intend to replace an existing hook, and only use the post-merge dependency hook in repositories you trust because future merges can run package-manager install commands automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises commands that install and remove Git hooks and invokes a Python script that necessarily writes hook files and may run shell-facing operations, but the skill metadata shown does not declare corresponding permissions. Undeclared write and shell capabilities are risky because users and policy systems cannot accurately assess what the skill can change or execute, especially in a repository context where hooks may later run automatically during commit, push, or merge events.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The template list includes behaviors that can automatically modify the working tree or execute commands with side effects, such as auto-formatting code, running tests before push, and installing dependencies after merge, yet the description does not warn about these effects. In this context, omission is significant because Git hooks are triggered implicitly by developer actions, so users may install a template without realizing it will later execute package managers or alter repository contents automatically.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal