nobodybuilt

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed idea-research and project-launch helper, with publication steps that are side-effectful but aligned with its stated purpose and user choice flow.

Use this for ideation and local project generation normally. Before running install.sh, know it pulls the latest GitHub copy rather than a pinned reviewed version. Before any GitHub, ClawHub, Smithery, Reddit, X, or Hacker News action, manually review the generated files and posts, confirm the exact command, and assume published content may become public under your account.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence: 78%
Finding
The skill goes beyond ideation by instructing the agent to offer repository creation, code pushing, and publication workflows to external platforms. While not inherently malicious, these are side-effectful actions that can expose code publicly, create accounts/artifacts, or trigger unintended distribution if the agent acts too eagerly or the user does not fully understand the consequences.

Missing User Warnings

Medium
Confidence: 91%
Finding
The README promises that the skill will generate code and then proceed to launch/publishing workflows, but it does not clearly warn that this may create repositories, push code, or prepare public-facing content. In an agent context, ambiguous descriptions of external side effects can lead users to authorize actions they did not fully understand, increasing the risk of accidental publication or disclosure of sensitive material.

Missing User Warnings

Medium
Confidence: 96%
Finding
The marketplace publishing section describes immediate publication to GitHub and multiple directories as a normal part of the workflow, but omits a clear warning that these actions make content public and may expose generated code, prompts, metadata, or user-derived ideas. Because this skill is designed to generate and ship projects, the context makes missing publication warnings more dangerous than in a passive documentation file.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill includes publishing and command-oriented actions for external services without embedding strong user warnings about side effects such as public release, account authentication, data exposure, or irreversible submissions. In an agent context, this increases the risk of accidental execution or users copying commands they do not understand, leading to unintended publication or credential misuse.

Autonomous Decision Making

Medium
Category: Excessive Agency
Content
**Marketplaces:** See [references/MARKETPLACES.md](references/MARKETPLACES.md) for the full guide. Walk the user through publishing step by step:

Immediate (no approval needed):
- **skills.sh** — Tell user to share install command: `npx skills add <owner>/<repo>`. Auto-listed once people install.
- **ClawHub** — Run: `npm i -g clawhub && clawhub publish ./ --version 1.0.0` (needs GitHub auth, account >= 1 week old)
- **Skills Directory** — Submit at https://www.skillsdirectory.com/submit (GitHub sign-in)
Confidence: 82%
Finding
no approval

VirusTotal

65/65 vendors flagged this skill as clean.
