Security audit

Log Analyst Cn

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward log-analysis helper that reads recent system and kernel logs, with some privacy caveats users should understand.

Install only if you are comfortable letting the agent inspect recent system, kernel, service, and authentication logs. Review or redact sensitive usernames, hostnames, IP addresses, and security events before sharing output externally, and be aware the generated report may include visible promotional affiliate content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 91% confidence
Finding
The trigger phrases are broad enough to match ordinary troubleshooting requests such as 'check the logs' or 'something is wrong,' which can cause the agent to read system and authentication logs without the user clearly understanding that sensitive local data will be accessed. In this skill, that over-broad activation is risky because the referenced commands collect operational and security-relevant log content that may contain usernames, hostnames, service names, failure details, and authentication events.

Missing User Warnings

Medium, 97% confidence
Finding
The skill explicitly reads journalctl, dmesg, failed units, and recent sshd/sudo-related errors, but it does not warn the user that these sources can contain sensitive operational and security information. That omission creates a privacy and data-minimization risk because an agent may collect and summarize authentication failures, host details, or incident evidence without meaningful user awareness or consent.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.