Wip License Guard

Security checks across malware telemetry and agentic risk

Overview

This is a local license-compliance tool whose behavior is disclosed, but its fix modes can rewrite LICENSE, CLA, and README files, so review every change it makes before committing.

Install this only if you want local repo license enforcement. Before relying on it:
  • Run audit or --dry-run first.
  • Use --fix only on a clean branch.
  • Avoid pointing readme-license --fix at a broad parent directory unless you intend to touch every detected repo.
  • Review git diffs before committing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Description-Behavior Mismatch

Severity: Medium
Confidence: 93%
Finding
The tool's stated purpose is license compliance, but this code also audits and can rewrite README structure, attribution text, and technical-content placement. In `--fix` mode, a user expecting narrow license maintenance could unintentionally have broader documentation content modified, which violates the principle of least surprise and can cause unauthorized repository changes.

Description-Behavior Mismatch

Severity: Medium
Confidence: 89%
Finding
The skill description says it ensures copyright headers, dual-license blocks, and LICENSE files, but this path also creates and later requires `CLA.md`. Injecting contributor-agreement files exceeds the declared scope and could impose legal/policy artifacts on repositories without explicit user intent, especially when run with automated fix flows.

Description-Behavior Mismatch

Severity: Medium
Confidence: 96%
Finding
This command recursively scans arbitrary directory trees, infers repositories heuristically, and in `--fix` mode can rewrite README files across multiple repos. That expands the blast radius from a single repository compliance tool into bulk cross-repository modification, increasing the chance of unintended changes to unrelated projects and making misuse materially more damaging.

Description-Behavior Mismatch

Severity: Medium
Confidence: 95%
Finding
The skill advertises license enforcement across all source files, but the implementation only validates a few repository-level documents and never scans source files for required headers or license blocks. This creates a false sense of compliance and can allow commits and pushes that violate the stated policy, especially in organizations relying on the hook as a gatekeeper.
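The finding above is that the hook never looks at source files for the headers the description promises. As an added illustration (not Wip License Guard's own code), the following check walks a tree and reports source files whose leading lines carry neither an SPDX tag nor a copyright line; the header patterns, extension set, pruned directories and 20-line window are assumed policy, and the sample tree is constructed inline so it runs offline.

```python
import itertools
import os
import re
import tempfile
from pathlib import Path

# Assumed policy (not the skill's): a source file is compliant when one of these
# patterns appears within its first HEADER_WINDOW lines.
HEADER_WINDOW = 20
HEADER_PATTERNS = (
    re.compile(r"SPDX-License-Identifier:\s*\S+"),
    re.compile(r"copyright\s+(\(c\)\s*)?\d{4}", re.IGNORECASE),
)
SOURCE_EXTENSIONS = {".py", ".js", ".ts", ".go", ".rs", ".c", ".h"}
SKIP_DIRS = {".git", "node_modules", "vendor", "dist", "build"}


def header_present(head: str) -> bool:
    """True if the given leading text matches any accepted header pattern."""
    return any(p.search(head) for p in HEADER_PATTERNS)


def has_license_header(path: Path) -> bool:
    """Read only the first HEADER_WINDOW lines so large files stay cheap."""
    with path.open("r", encoding="utf-8", errors="replace") as fh:
        return header_present("".join(itertools.islice(fh, HEADER_WINDOW)))


def find_files_missing_header(root) -> list:
    """Return repo-relative paths of source files with no recognised header."""
    root = Path(root)
    missing = []
    for dirpath, dirnames, filenames in os.walk(root):
        # Prune vendored and VCS directories in place so os.walk skips them.
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            path = Path(dirpath) / name
            if path.suffix in SOURCE_EXTENSIONS and not has_license_header(path):
                missing.append(path.relative_to(root).as_posix())
    return sorted(missing)


def build_sample_tree(base) -> Path:
    """Constructed fixture (not real project data) so the check runs offline."""
    base = Path(base)
    (base / "pkg").mkdir(parents=True, exist_ok=True)
    (base / "pkg" / "ok.py").write_text("# SPDX-License-Identifier: Apache-2.0\nprint('hi')\n")
    (base / "pkg" / "nohdr.py").write_text("print('no header here')\n")
    (base / "LICENSE").write_text("Apache License 2.0\n")  # repo-level doc, not a source file
    (base / "node_modules").mkdir(exist_ok=True)
    (base / "node_modules" / "dep.js").write_text("module.exports = 1;\n")  # pruned directory
    return base


def demo() -> list:
    with tempfile.TemporaryDirectory() as tmp:
        return find_files_missing_header(build_sample_tree(tmp))


if __name__ == "__main__":
    for rel in demo():
        print("missing header:", rel)
```

A hook that only inspects LICENSE, CLA and README can pass while every source file lacks a header; this is the per-file check that closes that gap, and its pruned directories keep vendored code out of the verdict.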

Intent-Code Divergence

Severity: Low
Confidence: 87%
Finding
The header comment states the hook blocks non-compliant commits and pushes, but the code explicitly returns success when .license-guard.json is missing. In practice, this makes enforcement opt-in and easy to bypass by omission, which can undermine compliance expectations if users believe the hook is always active.
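The fail-open behavior in this finding, together with the Overview's advice (dry-run first, --fix only on a clean branch, never a broad parent directory) and the cross-repository blast radius noted in the third finding, all come down to one pre-flight gate run before any --fix. The following is an added example, not Wip License Guard's code: it refuses when `.license-guard.json` is absent instead of passing, refuses a target that contains nested repositories, and refuses a dirty working tree. Function names, the pruned directory set and the sample tree and porcelain output are assumptions constructed for the demo.

```python
import os
import subprocess
import sys
import tempfile
from pathlib import Path

CONFIG_NAME = ".license-guard.json"   # the config file the finding above refers to
PRUNE_DIRS = {".git", "node_modules", "vendor"}


def nested_repos(target: Path) -> list:
    """Repos strictly below target. Any hit means a --fix here spans several projects."""
    found = []
    for dirpath, dirnames, filenames in os.walk(target):
        here = Path(dirpath)
        # .git is a directory in a normal checkout and a file in worktrees/submodules.
        if here != target and (".git" in dirnames or ".git" in filenames):
            found.append(here.relative_to(target).as_posix())
        dirnames[:] = [d for d in dirnames if d not in PRUNE_DIRS]
    return sorted(found)


def parse_porcelain(status_output: str) -> list:
    """Paths from `git status --porcelain` ('XY path' per line); empty means clean."""
    return [line[3:] for line in status_output.splitlines() if line.strip()]


def preflight(target, status_output: str, fix: bool) -> list:
    """Return reasons to refuse; an empty list means the run is safe to proceed."""
    target = Path(target)
    problems = []
    if not (target / ".git").exists():
        problems.append("target is not a git repository root")
    # Fail closed: treat a missing config as a policy gap, never as a pass.
    if not (target / CONFIG_NAME).is_file():
        problems.append(f"{CONFIG_NAME} is missing; refusing to treat absence as compliance")
    nested = nested_repos(target)
    if nested:
        problems.append("target contains nested repositories: " + ", ".join(nested))
    dirty = parse_porcelain(status_output)
    if fix and dirty:
        problems.append("working tree is not clean: " + ", ".join(dirty))
    return problems


def git_status(target) -> str:
    """Live status for real use; the demo below passes constructed output instead."""
    return subprocess.run(["git", "status", "--porcelain"], cwd=target,
                          capture_output=True, text=True, check=True).stdout


def build_sample_tree(base) -> Path:
    """Constructed fixture: a parent checkout holding two nested repos, one configured."""
    base = Path(base)
    for repo in ("parent", "parent/repo-a", "parent/repo-b"):
        (base / repo / ".git").mkdir(parents=True, exist_ok=True)
    (base / "parent" / "repo-a" / CONFIG_NAME).write_text("{}\n")
    return base / "parent"


def demo() -> tuple:
    with tempfile.TemporaryDirectory() as tmp:
        parent = build_sample_tree(tmp)
        broad = preflight(parent, "", fix=True)                                  # parent dir: refused
        dirty = preflight(parent / "repo-a", " M README.md\n?? CLA.md\n", fix=True)  # dirty tree: refused
        clean = preflight(parent / "repo-a", "", fix=True)                       # single clean repo: ok
        return broad, dirty, clean


if __name__ == "__main__":
    args = [a for a in sys.argv[1:] if a != "--fix"]
    tgt = args[0] if args else "."
    for reason in preflight(tgt, git_status(tgt), fix="--fix" in sys.argv):
        print("refuse:", reason)
```

Wire this in front of the real command (for example as the first step of a wrapper script or CI job) and only invoke --fix when `preflight` returns an empty list; the dirty-tree check is what keeps a later `git diff` review meaningful, since every change on the branch is then the tool's.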

Intent-Code Divergence

Severity: Medium
Confidence: 98%
Finding
The CLI tells users to run `wip-license-guard check --fix` to auto-repair, but no such functionality exists in the file. Misleading remediation guidance can cause users to assume issues were or can be automatically corrected when they cannot, delaying manual fixes and weakening trust in the control.

Missing User Warnings

Severity: Medium
Confidence: 84%
Finding
The README advertises repo-wide and cross-repo modification commands such as `--fix`, `--from-standard`, and bulk README rewriting without clearly warning that these operations can overwrite files across many projects. In an agent or automation context, this increases the risk of unintended mass changes to LICENSE, CLA, and README content, especially if a user invokes the tool based only on the examples shown.

VirusTotal

67/67 vendors flagged this skill as clean.
