superviser ressources

Security checks across malware telemetry and agentic risk

Overview

This server-monitoring skill is not malware, but it asks for autonomous service restart and self-healing authority without clear limits or safety controls.

Install only if you intend to give an agent operational visibility into the host and Docker environment. Do not enable automatic restarts or scheduled self-healing until allowed services, monitored sites, approval requirements, rate limits/backoff, logs, and a clear disable path are defined.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium (82% confidence)
Finding
The skill enumerates local Docker containers and their status, which exposes host operational metadata unrelated to simple website health checks. In an agent-skill context, this expands visibility into the local environment and could leak sensitive infrastructure details if the output is logged, returned to a remote caller, or exposed to an untrusted user.

Missing User Warnings

Medium (91% confidence)
Finding
The README states that the agent automatically scans the server and performs self-healing when a site or container stops, but it does not warn users that this can trigger disruptive restarts. In an infrastructure-management skill, undocumented automatic recovery behavior can cause unexpected service interruption, restart loops, or interference with incident response, especially if users assume the skill is observational only.

Missing User Warnings

Medium (89% confidence)
Finding
The skill explicitly states that it scans the server every 5 minutes and performs automatic self-healing when a site or container goes down, which implies autonomous system-modifying actions such as restarting services. In an agent skill, undocumented or insufficiently warned autonomous remediation is dangerous because it can disrupt production workloads, hide underlying compromise or instability, and trigger repeated restart loops without explicit operator approval.

VirusTotal

65/65 vendors flagged this skill as clean.
