ClawHub

server monitor

Security checks across malware telemetry and agentic risk

Overview

This skill only performs basic local server status checks, but it advertises real-time attack detection, alerting, reports, and multi-server monitoring that the code does not implement.

Install only if you want a simple, manual local status snapshot. Do not rely on it for real-time attack detection, automated alerts, daily security reports, or multi-server monitoring unless the publisher updates the implementation and documentation to match those claims.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
VERSION = "1.0.0"

def run_cmd(cmd, timeout=10):
    try: r = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=timeout); return r.stdout.strip()
    except: return ""

def check_health():
Confidence
97% confidence
Finding
try: r = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=timeout); return r.stdout.strip()

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill claims real-time attack detection and automated alerting, but the code only performs ad hoc local checks and emits static placeholder 'pro' settings. In a security-monitoring context, this can create dangerous false assurance: operators may believe attacks are being detected or alerts are configured when they are not.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The module docstring and help text overstate capabilities by implying real monitoring and alerting that do not exist. In security tooling, misleading capability claims materially increase risk because users may rely on the tool for defense coverage it does not provide.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal