vhs-recorder

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent VHS terminal-recording guide, but some runnable examples include destructive or overly broad shell commands without safety framing.

Install only if you are comfortable reviewing every generated .tape file before running it. Treat VHS tapes like scripts that can change your machine: use a disposable workspace, replace rm -rf and Docker stop-all examples with narrowly named demo resources, and avoid copying the production-db or test-db deletion examples into real environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The examples include destructive cleanup commands such as `rm -rf repo` and container stop operations without any warning, sandboxing note, or clear indication that they should only be run in an isolated demo environment. In a recording/tutorial skill, users may copy examples verbatim, so normalizing hidden destructive steps increases the chance of accidental data loss or disruption.

Missing User Warnings

High
Confidence
99% confidence
Finding
The error-recovery example prominently demonstrates `rm -rf production-db/` and then `rm -rf test-db/` without any safety disclaimer. Even though the first command is not executed, the example teaches and normalizes a highly dangerous recursive deletion pattern involving production-like resources, which could be copied or adapted incorrectly by users.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The reference explicitly recommends using hidden setup/cleanup sections for actions like installing dependencies, cloning repositories, building, and creating test files, but it does not warn users that these steps can modify the local workspace or system state outside the visible recording. In an agent skill that guides terminal automation, hiding mutating actions increases the risk of unexpected file changes, dependency installation, or environment alteration without user awareness.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
## Error Recovery (dramatic pause + backspace)
```tape
Type "rm -rf production-db/"
Sleep 3s
Backspace 100
Type "rm -rf test-db/" → Enter → Sleep 2s
```
Confidence
98% confidence
Finding
rm -rf production-db/"

Tool Parameter Abuse

High
Category
Tool Misuse
Content
```tape
Type "rm -rf production-db/"
Sleep 3s
Backspace 100
Type "rm -rf test-db/" → Enter → Sleep 2s
Type "# Phew!" → Enter → Sleep 2s
```
Confidence
99% confidence
Finding
rm -rf test-db/"

Chaining Abuse

High
Category
Tool Misuse
Content
```tape
Type "npm install" → Enter → Wait /added/ → Sleep 2s
Type "npm run demo" → Enter → Wait /Complete/ → Sleep 3s
Hide
Type "cd /tmp && rm -rf repo" → Enter
Show
```
Confidence
95% confidence
Finding
&& rm -

VirusTotal

64/64 vendors flagged this skill as clean.
