ClawHub

redc

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed red-team cloud infrastructure manager, so its powerful actions are expected but should be used carefully.

Install only for isolated red-team or lab cloud accounts. Use scoped temporary credentials, verify the redc and Terraform binaries, inspect templates and Terraform plans before applying, keep MCP bound to localhost, and explicitly approve actions that deploy, destroy, schedule, execute SSH commands, transfer files, or expose billing and credential-like outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill exposes a remote SSH command-execution capability but does not place an explicit safety warning at the tool definition about arbitrary command execution, credential misuse, or destructive actions on deployed hosts. In this context the tool is especially sensitive because it is a red-team infrastructure manager and may operate on internet-exposed systems, so misuse could lead to remote system compromise, persistence, or data destruction.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The upload and download tool descriptions omit an explicit warning that they can move sensitive data between the local machine and remote infrastructure. Because this skill manages cloud instances and may expose SSH credentials and case outputs, unguarded file transfer functionality increases risk of local data exfiltration, accidental overwrite, or import of untrusted files.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal