VPS Deploy

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly aligned with VPS deployment, but it gives an agent broad server-changing power with under-scoped safety controls that could disrupt or lock down a live server.

Install only if you want an agent to administer a VPS for you. Prefer using it on a fresh or backed-up server, keep an existing SSH session open while SSH settings change, verify the deploy user works before disabling root login, back up Nginx configs first, review the Docker install command, and remove or restrict passwordless sudo if it is not needed after deployment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Severity: Medium
Confidence: 93%

Finding: The skill's safety rules explicitly require backing up existing Nginx configs before overwriting, but the actual deployment procedure writes a new site config, symlinks it, removes the default site, and reloads Nginx without any backup or rollback step. In a production VPS context this can break an existing site or make recovery harder if the generated config is wrong.

Vague Triggers

Severity: Medium
Confidence: 75%

Finding: The trigger phrases in the skill metadata are broad enough to match generic requests like 'set up my server' or 'go to production' that may not actually mean VPS hardening and deployment. In agent routing, overbroad activation can cause the skill to run privileged server-changing steps in the wrong context, increasing the risk of unintended destructive actions.

Vague Triggers

Severity: Medium
Confidence: 77%

Finding: The 'When to Use' section contains ambiguous examples like 'set up my server' and 'go to production' without requiring confirmation that the user wants full VPS provisioning, SSH hardening, firewall changes, Docker installation, and reverse proxy setup. Because this skill performs high-impact infrastructure modifications, ambiguous activation materially increases misuse risk.

VirusTotal

64/64 vendors flagged this skill as clean.