Skill Composer

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate workflow-planning skill, but it asks for broad write and command-execution authority while describing automatic retries and fallback behavior without clear user approval boundaries.

Install only if you want a meta-skill that plans and coordinates other skills. Keep it in planning or dry-run mode unless you explicitly approve file writes, shell commands, retries, fallback skill execution, and any synthesis of sensitive outputs from multiple skills.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Natural-Language Policy Violations

Medium
Confidence: 95%
Finding
The maintainer label "王的奴隶" contains coercive/degrading language that normalizes a forced identity in user-facing project metadata. Even in a marketing document, this is harmful because it can propagate abusive terminology into downstream catalogs, interfaces, and team workflows, creating harassment, reputational, and policy-compliance risk.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill declares access to Write, Bash, and Exec but does not warn users that orchestration may trigger file modification or command execution as part of automated workflows. In an orchestration/meta-skill context, that omission increases the risk of users authorizing the skill without understanding it can cause side effects beyond analysis, including unintended system changes.

Missing User Warnings

Medium
Confidence: 97%
Finding
The FAQ states the skill will automatically detect failures, retry, or switch to backup skills, but provides no warning or control boundary for these autonomous actions. In a skill that can use Write/Bash/Exec and coordinate other skills, automatic retry and fallback can amplify unintended behavior, repeat destructive commands, or invoke alternative tools with broader side effects than the user expected.

VirusTotal

59/59 vendors flagged this skill as clean.