ClawHub

ClawHub Skill Publisher

Security checks across malware telemetry and agentic risk

Overview

This is a transparent publishing helper for ClawHub skills, with expected risks around editing drafts, reading marketplace examples, and publishing under the user’s account.

Install only if you want an agent to help edit a skill draft and prepare a ClawHub publication. Review all diffs before accepting patches, treat downloaded marketplace skills as untrusted reference material, confirm the active ClawHub account with whoami, and approve the final publish command only after checking slug, version, changelog, and intended visibility.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly says the skill will patch README/SKILL files and run `clawhub publish`, but it does not clearly warn users that it will modify local files and may perform a marketplace publication action. In an agent setting, unclear disclosure around file mutation and publishing can lead to unintended changes, accidental release of drafts, or publication of sensitive or unreviewed content.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill provides a ready-to-run `clawhub publish` command that can create or update a public marketplace listing, but it does not include an explicit warning that this action changes external state and may make content publicly visible. In an agent skill context, omission of a confirmation or caution increases the chance of accidental publication of unfinished, sensitive, or misconfigured content.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal