Cyber Attack Simulation

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate-looking security testing skill, but it exposes high-risk attack simulation actions without clearly limiting use to authorized targets.

Install only if you will use it for owned or explicitly authorized security testing. Before invoking simulations, confirm target scope, avoid third-party or production systems unless formally approved, and treat DDoS, brute force, phishing, high-intensity tests, and privilege-escalation simulations as requiring extra review and safeguards.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The skill exposes capabilities for phishing, SQL injection, DDoS, brute force, and other offensive simulations, but the description and endpoint documentation do not provide clear guardrails limiting use to owned or explicitly authorized environments. In this context, missing warnings and authorization requirements materially increase the risk of misuse against real systems or users, especially because the API is presented as easy to invoke and professionally packaged.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding
The POST operation explicitly offers to run a cyber attack simulation, but the OpenAPI spec provides no documented authorization boundary, target ownership requirement, rate limits, or constraints on what systems may be tested. In an agent-integrated context, this creates a capability that could be invoked against arbitrary targets and facilitates dual-use offensive activity under vague controls.

Natural-Language Policy Violations

Severity: High
Confidence: 95%
Finding
The title and description market the skill as a professional security testing and cyber attack simulation platform without any visible limitation to authorized environments or defensive security assessments. That framing increases the likelihood of misuse because an agent may interpret the skill as broadly permitted offensive functionality rather than a tightly governed internal testing tool.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.