ClawHub

Creek

Security checks across malware telemetry and agentic risk

Overview

The skill is a real Creek deployment helper, but it gives agents broad live-deployment authority while encouraging skipped confirmations and exposing sensitive environment-variable workflows.

Install only if you want an agent to help manage live Creek deployments. Use a limited-scope Creek token, avoid showing env values unless absolutely necessary, and require explicit approval before deploy, rollback, domain, or environment-variable changes, especially when `--yes` would be used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Instructing the agent to use `--yes` by default suppresses interactive confirmation for state-changing operations such as deploy, rollback, domain changes, or environment updates. In an agent context, this increases the chance of unintended or irreversible actions being executed without an explicit user confirmation checkpoint.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill documents commands that can reveal secret values (`creek env ls --show`) and modify or remove environment variables without any warning about credential exposure or production impact. In an agent setting, this can lead to accidental secret disclosure in chat output, logs, or telemetry, as well as unauthorized configuration changes.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
Rollback commands change live deployment state and may interrupt service, revert fixes, or reintroduce vulnerable versions, yet the skill presents them as routine workflow steps without caution. Combined with agent autonomy and `--yes` guidance, this increases the risk of disruptive production changes without adequate review.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal