Security audit

Database Manager

Security checks across malware telemetry and agentic risk

Overview

This is a database helper skill with powerful but disclosed database access, and its instructions include basic safeguards for reads, writes, credentials, and exports.

Install only if you want an agent to help with database administration. Use read-only credentials when possible, avoid production databases unless you explicitly intend that, review every restore/import/write command before it runs, and protect exported data and backups because they may contain sensitive records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill's activation guidance is very broad ('query a database', 'create backups and migrations', 'manage schemas') and does not define guardrails for when potentially destructive actions should require extra confirmation. In an agent setting, this increases the chance the skill is invoked for sensitive production systems or write operations without sufficient user intent verification, leading to accidental data modification or disclosure.

Missing User Warnings

High
Confidence: 97%
Finding
The skill documents commands for backup, restore, migrate, import, export, and arbitrary query execution but provides no warnings about destructive effects, production risk, credential sensitivity, or data exfiltration. In this context, the omission is dangerous because the skill directly interfaces with databases and can alter, overwrite, or extract sensitive data if an agent follows these examples without explicit safeguards.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.