source code analysis

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only source-code analysis guide; its main caution is that it encourages running code without sandboxing guidance.

This skill is reasonable to install as a codebase-comprehension guide. When using it on third-party or unfamiliar repositories, inspect scripts and dependencies first, avoid exposing secrets, and run builds, tests, or debugging only in a disposable or sandboxed environment with limited filesystem and network access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (91% confidence)
Finding
The skill trigger is broad enough to match many ordinary code-related requests, which can cause the agent to invoke this skill in contexts beyond narrow repository comprehension. Overbroad activation increases the chance that risky guidance inside the skill, especially advice to run code, is applied to untrusted projects without sufficient user intent or safety checks.

Missing User Warnings

Medium (96% confidence)
Finding
The skill explicitly recommends validating understanding through actual execution and analyzing build, test, and deployment processes, but it provides no warning that repositories may be untrusted and unsafe to run. In a source-code-analysis skill, this is particularly dangerous because users are likely to supply arbitrary third-party code, so the guidance can normalize executing malicious build scripts, tests, or startup paths.

Missing User Warnings

Medium (97% confidence)
Finding
The best-practices section repeats directives such as 'Run code to verify understanding' and 'Don't just read; run and observe' without any disclosure of the risks of executing untrusted repositories. Repetition strengthens the behavioral push toward execution, making accidental unsafe handling of malicious code more likely in exactly the kind of analysis workflow this skill targets.

VirusTotal

66/66 vendors flagged this skill as clean.
