ClawHub

Vpn Setup

Security checks across malware telemetry and agentic risk

Overview

The skill sets up a VPN as advertised, but it needs Review because the OpenVPN path runs an unverified internet-downloaded installer as root and the docs understate the system-level changes.

Install only on a server you intend to reconfigure as a VPN host. Prefer reviewing the script first, avoid the OpenVPN option unless the downloaded installer is pinned or independently verified, run it as root only with explicit intent, and protect the generated client configuration and private keys.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
The OpenVPN path fetches a shell script from a third-party GitHub URL and executes it as root without pinning a specific version, verifying a checksum/signature, or showing the user what will run. That creates a direct supply-chain and remote-code-execution risk: compromise of the upstream repo, network path, or referenced branch could lead to arbitrary privileged commands on the host.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README promotes one-command VPN installation and automatic client configuration generation without clearly warning that the process changes firewall/network settings, enables services, and creates sensitive VPN credentials. In an agent skill context, this can lead users to run privileged setup commands without understanding the security impact or properly protecting generated client configs.

Missing User Warnings

High
Confidence
98% confidence
Finding
The script silently downloads and runs external code in a non-interactive way, with environment variables pre-seeded to auto-approve installation. In a root-required setup script, removing user review/confirmation materially increases the chance that dangerous remote code is executed without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal