Cluster Agent Swarm

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Kubernetes/OpenShift operations skill, but it deserves review because it grants broad live-infrastructure authority with recurring agent behavior and incomplete user-control boundaries.

Review before installing. Use only with dedicated least-privilege Kubernetes, GitOps, cloud, registry, and Git credentials; require explicit human approval for every mutating action; verify cluster, context, namespace, diff, and rollback plan first; disable or tightly configure heartbeat behavior; and review or pin the referenced GitHub repository before following its install commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 86%

Finding: The skill advertises powerful operational capabilities such as deploys, provisioning, incident actions, and runbook execution, but its safety language is partial and focused mainly on a few production-only restrictions. In a Kubernetes/OpenShift context, even non-production or supposedly routine actions can cause outages, data loss, or security drift if a user is not clearly warned which actions require confirmation and which are read-only versus mutating.

Missing User Warnings

Severity: Medium
Confidence: 90%

Finding: The Security agent description includes secret rotation workflows, incident investigation, RBAC management, and compliance/security operations without a clear warning about handling sensitive data. In practice, these tasks may expose credentials, tokens, configuration secrets, or private operational details, increasing the risk of accidental disclosure or overcollection if the skill is used without explicit privacy guardrails.

VirusTotal

66/66 vendors flagged this skill as clean.