ClawHub

Reactive Resume

Security checks across malware telemetry and agentic risk

Overview

This is a mostly coherent Reactive Resume development skill, but it includes an unsafe destructive database reset helper and privileged Docker startup guidance that deserve review before installation.

Install only if you are comfortable reviewing commands before running them. Do not run scripts/db-reset.py unless DATABASE_URL points to a disposable local database and you have backups; avoid --confirm, redact database URLs from logs, and prefer fixing the script to use shell=False with strict local database allowlisting. Replace all example secrets and tokens before deployment, and understand that the Docker commands can start privileged, persistent local services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
"""运行 shell 命令"""
    try:
        if capture:
            result = subprocess.run(command, shell=True, capture_output=True, text=True)
            return result.returncode, result.stdout, result.stderr
        else:
            subprocess.run(command, shell=True)
Confidence
96% confidence
Finding
result = subprocess.run(command, shell=True, capture_output=True, text=True)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
result = subprocess.run(command, shell=True, capture_output=True, text=True)
            return result.returncode, result.stdout, result.stderr
        else:
            subprocess.run(command, shell=True)
            return 0, "", ""
    except Exception as e:
        print_colored(f"Error: {e}", Colors.RED)
Confidence
91% confidence
Finding
subprocess.run(command, shell=True)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
These instructions direct the user/agent to start Docker services and later run migrations, which are system-changing actions, but there is no safety notice or confirmation gate. In a skill context, that increases the risk of unintended local service startup, port exposure, resource consumption, or modifications to a developer machine or database.

Missing User Warnings

Low
Confidence
85% confidence
Finding
The self-hosting section includes concrete database credentials and a printer token in deployment examples without warning users that these are placeholders and must be replaced securely. This can normalize insecure defaults and lead to accidental reuse of exposed example secrets in real deployments.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal