ClawHub

Clash Controller

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Clash/mihomo proxy manager, but it can make system-wide networking changes without enough scoping, confirmation, or rollback guidance.

Install only if you want an agent to administer local Clash/mihomo networking. Before any action, confirm the exact command, verify the installer source, restrict the web panel to safe access, and know how to disable Tun mode and clear system proxy settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger scope is broad enough to activate on generic mentions of 'proxy', 'clash', or related terms, which can cause the skill to engage in contexts where the user did not clearly request system-level proxy administration. Because the skill can install software and alter networking behavior, overly permissive triggering increases the risk of unintended high-impact actions from casual conversation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill documents commands that clone and run third-party install scripts, change system proxy state, expose a web panel, and enable Tun mode that modifies kernel/network behavior, but it does not prominently require explicit user consent or warn about service disruption, traffic interception, privilege use, and external exposure. In an agent setting, this omission is dangerous because these operations can affect all host traffic, break connectivity, or expose management interfaces if invoked automatically or with insufficient operator awareness.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal