Silas Skill Auditor

Security checks across malware telemetry and agentic risk

Overview

This is a skill-auditing checklist with no executable payload, but users should avoid granting unrelated wallet or credential access.

Use this as a checklist for reviewing skills, and confirm the target skill name and temporary path before running commands. Do not grant wallet, credential, or broad profile access for this skill unless the publisher provides a corrected package that clearly justifies those capabilities.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrase “检查安全” (“check security”) is broad enough to match many ordinary security-related user requests, which can cause this skill to activate outside its intended scope. In an agent system, overbroad invocation increases the chance of unintended tool use and may let this skill intercept requests meant for other workflows.

Vague Triggers

Low
Confidence
88% confidence
Finding
The condition “安装新技能前需要安全评估” (“a security assessment is needed before installing a new skill”) describes a situation rather than a concrete match rule, so the agent may infer activation too loosely. Ambiguous routing logic can cause accidental invocation and unpredictable behavior, though the impact here is mainly misrouting rather than direct compromise.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
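```
# Pull the remote skill into a temporary directory (without installing)
clawdhub install <技能名> --dir /tmp/skill-audit-tmp
# Delete after the review is complete
rm -rf /tmp/skill-audit-tmp
```

### Mode B: Reviewing an installed skill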
Confidence
91% confidence
Finding
rm -rf /

Tool Parameter Abuse

High
Category
Tool Misuse
Content
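```
# Pull the remote skill into a temporary directory (without installing)
clawdhub install <技能名> --dir /tmp/skill-audit-tmp
# Delete after the review is complete
rm -rf /tmp/skill-audit-tmp
```

### Mode B: Reviewing an installed skill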
Confidence
91% confidence
Finding
rm -rf /tmp/

VirusTotal

66/66 vendors flagged this skill as clean.
