Skills Cli

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only helper for ClawHub skill management; its broad update and sync commands need care but fit the stated purpose.

Install is reasonable as a command-help skill. Before running its suggested bulk commands, check the active ClawHub account, the current directory, which skill folders are included, and whether any files contain secrets or private material.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The activation guidance is broad enough to match generic requests about 'managing skills' or 'skills cli', which can cause this skill to trigger in situations where a more specific skill or direct user clarification would be safer. Over-broad routing increases the chance of unintended command suggestions, especially for install, update, publish, or sync operations that affect local or remote state.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The description defines a very broad scope spanning search, install, update, publish, and organization, without clear boundaries for when this orchestrator should defer or ask for confirmation. In an agent environment, such vague scope can lead to accidental invocation and inappropriate guidance for state-changing operations.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill recommends publish and sync commands that send local skill contents to a remote service but does not warn that local files, metadata, or embedded secrets may be uploaded externally. In this context, the omission is dangerous because users may treat sync/backup as harmless local maintenance and unknowingly exfiltrate sensitive content.

Missing User Warnings

Low

Confidence: 88% confidence
Finding: The example promotes `clawhub update --all` without highlighting that it performs bulk changes across all installed skills, which may introduce breaking changes or unexpected behavior. While not inherently malicious, omitting the caution reduces informed consent for a broad state-changing operation.

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal