ClawHub

Find Skill HEQI

Security checks across malware telemetry and agentic risk

Overview

This skill is not deceptive, but it can steer broad user requests into installing third-party skills globally while skipping confirmation prompts.

Use this skill for searching skills only when you intentionally want external skill recommendations. Before installing anything, review the exact package source and contents, avoid `-y` unless you have already approved the command, and prefer non-global installation unless you want the skill to affect future agent sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description says it should be used when users ask broad questions like 'how do I do X' or express general interest in extending capabilities. Those triggers are common in ordinary conversations, so the skill may activate unintentionally and steer the agent toward package discovery and installation when the user did not explicitly ask to install external code.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The usage conditions overlap heavily with normal assistance requests like 'can you do X' or 'how do I do X', which are not inherently requests to search for third-party skills. In this context, overbroad routing is risky because it can cause unnecessary exposure to external package recommendations and installation flows, increasing the chance of unsafe supply-chain actions.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill recommends `npx skills add <owner/repo@skill> -g -y`, which performs a global install and suppresses confirmation without warning the user about trust, provenance, or system-wide effects. In a skill-discovery workflow, this is particularly dangerous because it normalizes one-step installation of third-party code from external sources, creating a meaningful supply-chain risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal