ClawHub

Find Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed helper for finding and installing other skills, with the main caution that its example install command is global and skips CLI confirmation.

Before using this skill to install another skill, review the target skill and publisher. Consider removing `-y` for an interactive confirmation and avoiding `-g` if you do not want a persistent user-level install.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The trigger description is broad enough to activate on common help-seeking requests such as 'how do I do X' or 'can you do X,' which can cause the skill to run in many situations where the user did not explicitly ask to search or install external skills. Because this skill recommends package discovery and installation, over-triggering increases the chance of unsolicited supply-chain exposure or unexpected tool execution.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The usage criteria contain ambiguous activation boundaries like general interest in extending capabilities or broad requests for help with a task domain. In context, that ambiguity is risky because the skill can pivot normal assistance flows into recommending third-party packages, creating unnecessary exposure to unreviewed external content and possible installation pressure.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill instructs the agent to install with 'npx skills add <owner/repo@skill> -g -y' without warning that '-g' performs a global install and '-y' suppresses confirmation. That combination materially raises risk by enabling silent installation of third-party code or capabilities at user scope, reducing friction that would otherwise help users review package provenance and consent.

VirusTotal

47/47 vendors flagged this skill as clean.

View on VirusTotal