Find Skills Local

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill helps find and install other skills, with disclosed registry preferences and no hidden code or automatic installation.

Before installing anything found through this skill, check the registry source, publisher, version, and risk notes. If you do not want locale-based registry selection, tell the agent which registry to use explicitly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 80%
Finding
The trigger logic is broad enough that ordinary help requests can be reclassified into a skill-discovery flow, causing the agent to search external registries when the user may have only asked for direct assistance. This can lead to unnecessary tool invocation, unexpected installation guidance, and increased exposure to untrusted third-party skill sources.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
The metadata bakes in locale-based routing for Chinese users without explicit consent, which means source selection is influenced by inferred language or network context rather than user choice. This creates privacy and autonomy concerns and may steer users toward a repository they did not intend to use.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
Mandating `skillhub` first for Chinese users and only falling back to `clawhub` denies users a neutral choice of source and can bias package discovery and installation toward a specific ecosystem. In a skill-installation context, source selection is security-sensitive because different registries may have different trust, vetting, and supply-chain risks.

VirusTotal

64/64 vendors flagged this skill as clean.
