Tutti

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for multi-agent coding workflows, but it exposes high-impact repository and context-transfer actions without enough disclosed safety controls.

Install only if you are comfortable giving this skill authority to coordinate agents, copy context between workspaces, and perform git-changing actions. Review generated handoffs and branch-landing commands before use, avoid secrets in captured context, and run it in repositories where unintended merges, pushes, or file changes can be reviewed and reverted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill documents launching workflows, verification, and landing agent branches, but it does not prominently warn that these actions execute commands and can modify the repository or open PRs. In a multi-agent orchestration context, this is more dangerous because actions may be chained and performed at scale, increasing the chance of unintended workspace changes.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill supports output capture, handoff generation, handoff application, and file injection between agents, but it does not warn that these features can collect, copy, and transfer potentially sensitive workspace or agent context. In this skill's context, that risk is elevated because multi-agent coordination intentionally propagates context across worktrees and sessions, which can spread secrets or proprietary code farther than the user expects.

Missing User Warnings

Medium
Confidence: 94%
Finding
The manifest exposes a destructive action, `land_agent`, which can merge an agent branch back to the current branch or push and open a PR with `--force`, but it provides no warning, confirmation requirement, or safety context. In an orchestration skill that manages multiple coding agents, this increases the chance of accidental or socially induced branch landing, resulting in unintended code integration or repository state changes.

Missing User Warnings

Low
Confidence: 88%
Finding
The manifest describes `apply_handoff` without warning that it may alter agent state or workspace files when applying a handoff packet. In a multi-agent coding workflow, understated state-changing behavior can mislead callers into invoking the action as if it were read-only, causing unintended local modifications or context corruption.

VirusTotal

66/66 vendors flagged this skill as clean.