Nexus Safe

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed local service-monitoring helper with controlled restart capability, not an exfiltration or persistence tool.

Install only if you want an agent to inspect and potentially restart local services. Review and set the allowed Docker or PM2 service lists narrowly, keep restart rate limits enabled, and avoid granting broader system privileges than needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Output Handling: Unvalidated Output Injection, Cross-Context Output, Unbounded Output
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
def run_cmd(args, timeout):
    try:
        return subprocess.run(args, capture_output=True, text=True, timeout=timeout, check=True)
    except subprocess.CalledProcessError as e:
        return e
    except FileNotFoundError:
Confidence
70% confidence
Finding
return subprocess.run(args, capture_output=True, text=True, timeout=timeout, check=True)

Unvalidated Output Injection

High
Category
Output Handling
Content
def run_cmd(args, timeout):
    try:
        return subprocess.run(args, capture_output=True, text=True, timeout=timeout, check=True)
    except subprocess.CalledProcessError as e:
        return e
    except FileNotFoundError:
Confidence
95% confidence
Finding
subprocess.run(args, capture_output

VirusTotal

65/65 vendors flagged this skill as clean.
