Lerwee Alert Inspection

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed monitoring report generator that uses a monitoring API secret and writes local report files, with operational cautions but no evidence of deception or exfiltration.

Install only if you intend to let the agent access your Lerwee monitoring backend and generate local inspection artifacts. Use a least-privilege API secret, prefer HTTPS or a trusted internal network, and treat the generated Markdown, JSON, and Excel files as sensitive because they may include hostnames, IPs, alert details, and raw backend records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (91% confidence)
Finding
The trigger phrases are broad enough to match common operational requests such as '做巡检' or '告警巡检', which increases the chance of unintended activation. When a skill with network access and file-writing behavior activates too easily, users may cause external API calls and local artifact creation without clearly intending to run this workflow.

Missing User Warnings

Medium (95% confidence)
Finding
The workflow mandates automatic generation of reports, JSON files, a temporary Python script in /tmp, and an Excel workbook, followed by script execution, without any user-facing warning or consent boundary. This is dangerous because it combines filesystem mutation, external data retrieval, and execution of generated code, which can lead to unexpected side effects, data exposure, or abuse if paths or template inputs are manipulated elsewhere in the system.

VirusTotal

65/65 vendors flagged this skill as clean.
