ClawHub

Gogetajob

Security checks across malware telemetry and agentic risk

Overview

This markdown-only skill is coherent for open-source contribution automation, but it grants broad automated code-writing and GitHub publishing authority without clear human approval gates.

Install only if you are comfortable with an autonomous contribution workflow operating under your GitHub account. Use a dedicated worktree and least-privilege GitHub token, avoid broad `--approve-all` execution unless you accept that risk, and require your own review before any push, PR creation, issue filing, cron setup, or reviewer reply.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs use of `acpx --approve-all claude exec`, which removes human approval for code-writing and command execution in arbitrary repositories. In this skill's context, that is especially risky because it operates on untrusted third-party codebases and issue descriptions, creating a path for unintended file modification, dangerous shell execution, credential exposure, or supply-chain abuse without a review checkpoint.

Missing User Warnings

Low
Confidence
79% confidence
Finding
The skill recommends `gogetajob watch` for automatic cron-based syncing but does not clearly warn that this creates recurring background activity against GitHub and local state. While less severe than auto-approved execution, hidden persistence and scheduled polling can surprise users, leak metadata over time, or cause unintended automation in development environments.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The workflow explicitly instructs use of `acpx --approve-all claude exec`, which removes interactive approval for delegated code execution and code changes. In a skill designed to scan external repositories and act on issues, this meaningfully increases the chance of unsafe commands, unreviewed file modifications, credential misuse, or supply-chain-impacting commits being executed automatically.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal