klaus_sun

Security checks across malware telemetry and agentic risk

Overview

The skill appears development-focused, but it gives the agent unsafe local execution authority, including force-killing processes on ports without clear user approval.

Install only if you are comfortable with a skill that can create files, run local build/dev commands, and manage local ports. Before using it, require the agent to show the exact files and commands first, avoid force-killing processes, and only stop processes you recognize or that the agent started in the current task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium (95% confidence)
The skill explicitly instructs the agent to use Write to create project files but does not require any prior user confirmation or warning that the workspace will be modified. In an agent context, silent file creation and overwriting can alter source trees, introduce unwanted artifacts, or destroy existing work if filenames collide.

Missing User Warnings

High (99% confidence)
The DevOps role mandates destructive commands such as `lsof -ti :8080 | xargs kill -9` and similar process termination on local ports, with no user approval or safety checks. This can kill unrelated local services, terminate unsaved work, or disrupt development environments, and the command is especially risky because it force-kills whatever happens to be bound to those ports.

Missing User Warnings

Medium (94% confidence)
The skill directs the agent to execute shell commands and run generated services (`exec`, `go build`, `go run`, `npm ...`) without any warning that arbitrary commands and newly generated code will be executed locally. Running generated programs expands the risk from mere content generation to code execution, which can consume resources, modify the environment, or execute unsafe logic if the generated code is flawed or abused.

VirusTotal

64/64 vendors flagged this skill as clean.