
Security audit

来了

Security checks across malware telemetry and agentic risk

Overview

This appears to be a ClawHub CLI guidance skill whose login, publish, and update examples match its stated purpose, with some operational cautions users should keep in mind.

Install only if you want an agent to help with ClawHub CLI workflows. Treat login as credential handling, confirm the active ClawHub account before publishing, and review any `publish`, `update --all`, or `--force` command before allowing it to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding:
The documentation explicitly includes `publish` and `update --force` commands that can modify remote registry state or overwrite local installed skills, but it provides no caution about side effects, confirmation practices, or safe usage boundaries. In an agent-skill context, users may copy these commands verbatim, increasing the chance of unintended publication, destructive upgrades, or forced replacement of trusted local content.

Missing User Warnings

Low
Confidence: 87%
Finding:
The authentication section instructs users to run `clawhub login` and `whoami` without warning that login may prompt for or store credentials, tokens, or session data. In a tool used by agents, omission of credential-handling guidance can lead to unsafe execution in shared terminals, logs, or automation environments where secrets may be exposed.

VirusTotal

64/64 vendors flagged this skill as clean.
