Chinese: 网站部署 (Website Deployment)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent website-deployment skill, but it needs Review because it can publish containers and alter public server or DNS state without clear approval and rollback guardrails.

Install only if you want an agent to help with public website deployment. Before using it, manually confirm the project directory, Docker image name, registry account, server host, ports, domain, and DNS records; avoid putting secrets in the build context, and prepare rollback steps for containers, pushed images, and DNS records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 92%
Finding:
The trigger list includes broad phrases like 'build and deploy', 'launch site', and 'publish website' that can overlap with normal user intent outside this specific skill, increasing the chance of unintended activation. Because the skill can write files, run Docker commands, and publish artifacts, accidental invocation could lead to unauthorized system changes or external deployment actions.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding:
The '使用时机' ("when to use") section maps vague prompts like '部署网站' ("deploy website") and '创建网站' ("create website") directly to consequential actions without defining activation boundaries or requiring a safety check. In context, this makes the skill more dangerous because those actions can cascade into filesystem changes, container execution, and public exposure of a site.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
The skill instructs the agent to create files, execute Docker commands, log in to a registry, push images, and run containers on a server, but it does not warn the user about the operational and security risks of these actions. This is dangerous because users may unknowingly authorize publication of content, credential use, network exposure on port 80, or deployment to production infrastructure without review.

VirusTotal

65/65 vendors flagged this skill as clean.