ClawHub

Programming Assistant

Security checks across malware telemetry and agentic risk

Overview

This appears to be a broad coding-assistant skill whose file-changing behavior is expected for its stated purpose, with no evidence of hidden persistence, credential use, exfiltration, or destructive intent.

Install only if you want a general-purpose programming helper. Use it in a version-controlled project, ask it to preview intended file changes, and review diffs before accepting setup or refactoring edits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill description is very broad ('assist with programming tasks') and covers creation, modification, debugging, refactoring, and project setup without meaningful scoping boundaries. In an agent system, this can cause over-invocation on routine requests and expand the circumstances under which the skill gains access to codebases and file-modifying workflows, increasing the chance of unintended or unsafe actions.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The 'When to Use This Skill' section lists many common coding activities but provides no constraints, exclusions, or negative examples. That ambiguity makes it easy for an orchestrator to invoke the skill in situations where simpler, less-privileged handling would suffice, increasing the attack surface and risk of unnecessary file access or modification.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The workflow describes project setup and code modification steps that can create directories, generate configuration files, and alter existing code, but it does not warn users about changes to local files or system state. In practice, this can lead to silent or unexpected modifications, especially when the skill is invoked automatically, making accidental destructive changes or environment drift more likely.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal