ClawHub

OpenClaw Doc Generator

Security checks across malware telemetry and agentic risk

Overview

This is a local documentation generator that reads source files and writes documentation files in ways that match its stated purpose.

Install only if you want a tool that reads project source and updates documentation files. Run it on a clean branch, inspect generated README.md and docs changes before committing, and do not use the direct-push CI example without branch protections and a restricted workflow token.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation clearly describes reading source files and writing generated documentation, but it does not declare any permissions or warn users that it will modify repository contents. This creates a transparency and consent problem: users or orchestration systems may invoke the skill assuming it is informational only, when it can read project files and overwrite docs/README content.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documented commands update README content and auto-fix out-of-sync documentation, but there is no warning that these operations will modify project files automatically. In a documentation skill, file writes are expected, but failing to disclose them increases the chance of silent overwrites, unintended edits, or trust abuse when the skill is run in automation.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The CI/CD example stages documentation changes, commits them, and pushes to the repository automatically without any warning or guardrail. In a pipeline context this is more dangerous than local file edits because it can persist unintended or attacker-influenced documentation changes directly to the main branch, potentially enabling repository tampering, misleading docs, or workflow loops.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal