ClawHub

Find Skills.Bak

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate skill-search helper, but it encourages broad activation and global third-party skill installation while skipping confirmation prompts.

Use this skill mainly for explicit skill discovery. Before allowing it to install anything, review the exact package source and publisher, avoid skipping confirmations, and prefer local or scoped installation unless you trust the skill and want it available in future sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The description and frontmatter define very broad activation conditions around generic requests like wanting to 'do X' or extend capabilities. This can cause the skill to trigger in situations where the user did not specifically ask to search for or install third-party skills, increasing the chance of unnecessary exposure to package discovery and installation flows.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation guidance includes ambiguous, everyday requests such as 'how do I do X' and 'can you do X,' which are common queries unrelated to package installation. In this context, the skill may redirect normal assistance into recommending or installing third-party skills, creating a prompt-routing and supply-chain exposure risk beyond what the user clearly requested.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to install packages using `npx skills add <owner/repo@skill> -g -y`, combining global installation with confirmation bypass. Because this skill is specifically designed to discover and install third-party content from external sources, silent global installation materially increases the risk of unintended system modification and supply-chain compromise.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal