ClawHub

File Deduplicator

Security checks across malware telemetry and agentic risk

Overview

This is a real duplicate-file cleanup tool, but its defaults and examples can delete local files without a strong preview or confirmation step.

Install only if you are comfortable giving this skill permission to scan and modify local files. Use findDuplicates first, run removeDuplicates with dryRun true, prefer move/archive over delete for important folders, limit directories narrowly, and keep backups before any delete action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill does more than identify duplicates: it can delete files, move them to an archive path, and recursively operate across arbitrary user-supplied directories. In an agent/automation context, that broad file-modification capability is dangerous because incorrect duplicate detection, bad parameters, or misuse can cause irreversible data loss or relocation of user files.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README prominently demonstrates `removeDuplicates` with `action:"delete"` as a quick-start command, but does not place an equally prominent warning or require a safer preview workflow first. For a destructive filesystem tool, this can lead users to run irreversible deletion commands on real data without understanding the risk of false matches, bad path selection, or operational mistakes.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The configuration sets a destructive default action of "delete" while also disabling dry-run by default, which creates a real risk of irreversible file deletion if the skill is invoked without carefully constrained inputs. In a file-deduplication skill, this is especially dangerous because duplicate detection can produce false matches or unintended scope expansion, and the manifest does not show strong activation constraints or safe defaults to prevent broad deletion.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill performs destructive delete and move operations immediately based on parameters and configuration, without any built-in confirmation gate at execution time. In a file-management skill, this context makes the issue more dangerous because false positives in duplicate detection or accidental invocation can remove or relocate large sets of legitimate user files.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal