ClawHub
Back to skill

Security audit

数据库安全审计

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed database security audit helper, but its scans can expose sensitive database and account information if used too broadly.

Install only if you trust the dbskiter CLI available to the agent. Use it only on databases you are authorized to audit, scope scans to specific databases or tables where possible, avoid sharing raw personal data or account-level findings, and treat generated audit output as confidential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrase "安全检查" is very broad and can match generic security discussions rather than an explicit request to run database auditing actions. In this skill, broad matching is more dangerous because activation can lead to sensitive database inspection commands, increasing the chance of unintended access or disclosure.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The instruction to use the skill whenever the user mentions listed keywords lacks boundaries, exclusions, or confirmation requirements. Because the skill performs high-sensitivity operations like permissions review, weak-password checks, and audit-log analysis, loose activation logic can cause over-collection of sensitive data or execution in the wrong conversational context.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill includes operations that can expose highly sensitive information, including personal data, account weaknesses, login activity, and audit history, but provides no warning, consent flow, or least-privilege guidance. In a database-security context this omission is especially risky, since users may trigger scans over production data without understanding the privacy, compliance, or access-control implications.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.