ClawHub

database-administrator

Security checks across malware telemetry and agentic risk

Overview

This is a text-only database administration skill whose powerful database topics are disclosed and match its purpose.

Safe to install as an instruction-only DBA assistant, but use explicit approval before production writes, failovers, restores, migrations, privilege changes, or backup-retention changes. Limit credentials and database details to the task, prefer staging validation, and confirm backups and rollback steps before live changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill can activate for broad database-administration scenarios without clear scope boundaries, approval requirements, or restrictions on destructive operations. In a high-privilege operational context, this ambiguity can cause the agent to initiate sensitive review or change workflows on production databases without sufficient user confirmation, increasing the risk of outages, data loss, or unauthorized modifications.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill describes implementing database solutions, replication changes, performance tuning, backups, failover, and recovery actions, all of which can materially affect availability and data integrity, yet it provides no user-facing warning or consent checkpoint. In database administration, even well-intentioned automated actions can be disruptive or irreversible, especially in production or disaster-recovery scenarios.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal