Clawdhub.Bak 2026 01 28T18:01:16+10:30
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used without explicit approval, the agent could change many installed skills at once and alter future agent behavior.
This documents a forced, non-interactive bulk update path for installed skills. Because installed skills can change agent behavior, this is high-impact and the artifact does not add approval, rollback, or scoping guidance.
clawdhub update --all --no-input --force
Require explicit user confirmation before install, update, update-all, force, no-input, or publish operations; prefer pinned versions and avoid bulk forced updates unless the user specifically requests them.
Installing or updating from a registry can introduce new or changed instructions into the agent's skill set.
The skill intentionally installs and updates skills from a registry, and allows the registry to be overridden. This is purpose-aligned, but it is supply-chain sensitive because remote skills affect the agent environment.
Default registry: https://clawdhub.com (override with CLAWDHUB_REGISTRY or --registry)
Use trusted registries, review skill sources before installing, pin versions when possible, and be cautious with registry overrides.
The agent may act through the user's ClawdHub account when publishing skills.
Publishing requires authenticating to ClawdHub. That is expected for this skill's publish workflow, but it gives the CLI account-level authority to publish under the logged-in identity.
Auth (publish)
clawdhub login
clawdhub whoami
Log in only to the intended account, verify `whoami`, and approve the exact folder, slug, version, and changelog before publishing.
