Pentest Workbench

Security checks across malware telemetry and agentic risk

Overview

This is a coherent penetration-testing skill, but it includes high-impact exploitation, credential-access, scanning, and post-exploitation guidance without clear authorization safeguards.

Install only if you are using it for authorized security testing, training labs, CTFs, or owned systems. Review the scripts before running them, do not aim scans or fuzzers at third-party systems without written permission, and treat the credential-dumping, persistence, AV-evasion, and lateral-movement sections as high-risk material that should be constrained to an approved engagement scope.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • YARA Signatures: Malware Match, Webshell Match, Cryptominer Match
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill declares very broad trigger phrases such as 'exploit this', 'run a pentest', 'rev shell', and 'test this target', which can cause the skill to activate in ambiguous or unauthorized contexts. Because the skill content contains offensive tradecraft, unintended activation materially increases the chance of unsafe guidance being surfaced to users without adequate authorization checks.

Missing User Warnings

High
Confidence
98% confidence
Finding
This is a true security concern in the context of an agent skill because the file provides step-by-step exploit development guidance, including EIP control, JMP ESP discovery, shellcode generation, and reverse-shell payload creation, without any gating, safety framing, or authorization warnings. In an automation-oriented offensive security skill, this materially lowers the barrier to unauthorized exploitation and enables real-world abuse beyond purely educational discussion.

Missing User Warnings

High
Confidence
98% confidence
Finding
This reference file provides detailed privilege-escalation, credential-access, and exploitation guidance, including shell escapes, SUID abuse, kernel exploits, and credential dumping commands, but it lacks any explicit authorization, safety, or anti-misuse warning. In an agent skill that is explicitly marketed for offensive security and exploitation, this materially increases the risk that the agent will facilitate unauthorized compromise rather than bounded defensive testing.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This file is not merely mentioning security concepts; it inventories offensive tooling across reconnaissance, exploitation, credential access, command-and-control, AV evasion, and includes concrete payload-generation commands such as reverse-shell msfvenom examples. In an agent skill, that materially lowers the barrier to unsafe use because the content can be surfaced as ready-to-use operator guidance without any authorization boundary, safety gating, or restriction to lab-only contexts.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This script deliberately sends increasingly large crafted inputs to a remote vulnserver instance in order to identify crash conditions. Even though this is a common penetration-testing workflow, it can disrupt availability or crash a service if pointed at a real or unauthorized target, and the file provides no safety warning, scope check, or confirmation step before transmitting the fuzz payloads.

YARA rule 'offensive_tool_references': References to well-known offensive security tools [hacktools]

High
Category
YARA Match
Content
- **Unconstrained Delegation**: Printer bug → DC compromise
- **BloodHound**: Find shortest path to Domain Admin

## Quick Checklist

- [ ] `sudo -l` — what can you run as root?
- [ ] SUID binaries — `find / -perm -4000`
Confidence
95% confidence
Finding
BloodHound

YARA rule 'privilege_escalation_tools': Privilege escalation tools and techniques [hacktools]

High
Category
YARA Match
Content
Known exploits (verify before running):
- `CVE-2022-0847` (DirtyPipe) — Linux 5.8+
- `CVE-2021-4034` (PwnKit) — polkit < 0.120
- `CVE-2019-13272` (PTRACE_TRACEME) — <= 5.1.17
- `CVE-2017-16995` (eBPF) — <= 4.14
Confidence
97% confidence
Finding
DirtyPipe; dirtycow; find / -perm -4000; find / -perm -4000

YARA rule 'info_stealer': Information stealer patterns (credential harvesting, browser data theft) [malware]

High
Category
YARA Match
Content
**Mimikatz** (Windows):
```
privilege::debug
sekurlsa::logonpasswords
sekurlsa::tickets
kerberos::list
```
Confidence
99% confidence
Finding
Mimikatz; mimikatz; LaZagne; laZagne

VirusTotal

1/65 vendors flagged this skill as malicious, and 64/65 flagged it as clean.
