Komodo

Security checks across malware telemetry and agentic risk

Overview

This looks like a real Komodo management skill, but it can immediately change or destroy infrastructure using API credentials without built-in confirmation safeguards.

Install only if you intend to let the agent manage Komodo resources with the configured API key. Use least-privilege Komodo credentials, avoid production keys unless necessary, and require an explicit human confirmation before running stop, restart, deploy, run, update, or destroy commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README exposes destructive operations such as stack/deployment destroy, stop, and restart without any warning, confirmation guidance, or description of operational impact. In a skill specifically designed to manage production infrastructure, this increases the chance that an agent or user will invoke high-impact commands without understanding they are disruptive or irreversible.

Vague Triggers

Medium
Confidence: 89%
Finding
The description is broad enough to trigger on many ordinary infrastructure requests, which increases the chance this powerful skill is selected in situations where the user did not clearly intend authenticated Komodo operations. Because the skill includes create, update, deploy, run, and destroy capabilities, over-broad activation raises the risk of unintended high-impact actions.

Missing User Warnings

Medium
Confidence: 95%
Finding
The documentation advertises destructive actions like destroy, stop, restart, deploy, and stack/deployment control without any warning, confirmation requirement, or dry-run guidance. In the context of a skill with authenticated API access to production-like infrastructure, this omission materially increases the likelihood of accidental service disruption or deletion.

Missing User Warnings

Medium
Confidence: 95%
Finding
The script directly exposes destructive and state-changing deployment operations, including destroy, through command-line arguments alone, and performs the action immediately without any explicit confirmation, dry-run, or safety interlock. In the context of a deployment-management skill that can operate against real Komodo resources, a typo, prompt-induced misuse, or accidental invocation could cause service interruption or irreversible resource deletion.

VirusTotal

63/63 vendors flagged this skill as clean.
