Aws Cloud Toolkit

Security checks across malware telemetry and agentic risk

Overview

This AWS management skill fits its stated purpose, but it asks for broad AWS powers and includes destructive cloud operations without enough scoping or safety guidance.

Install only after verifying the real package source. Use a dedicated least-privilege IAM role or short-lived credentials, limit accounts/regions/resources, and require explicit confirmation before any create, update, delete, terminate, upload, download, or invoke operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 90%
Finding
The README documents destructive AWS actions such as terminating EC2 instances, deleting S3 buckets and objects, and updating Lambda code without any warning about irreversible impact, production risk, or the need for confirmation safeguards. In a cloud-management skill, this increases the chance that users or downstream agents execute high-impact operations against real infrastructure or data with insufficient awareness.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill advertises destructive cloud actions such as terminating EC2 instances, deleting S3 buckets/objects, and deleting Lambda functions without any caution about confirmation, least-privilege use, backup requirements, or production risk. In an agent setting, documenting these operations as routine can normalize unsafe execution and increase the chance of accidental destructive actions against real cloud resources.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill includes plaintext environment variable examples for AWS credentials without warning users not to hardcode, share, log, or commit secrets. In practice, this can lead to credential exposure in shell history, code repositories, chat transcripts, or agent logs, enabling unauthorized access to AWS resources.

VirusTotal

VirusTotal findings are pending for this skill version.
