Multi-Environment Isolator

Security checks across malware telemetry and agentic risk

Overview

This skill openly scaffolds local dev/test/prod project files; the main risk is that users must replace placeholder secrets and review generated scripts before real production use.

Install only if you want a tool that modifies a target project. Run it on the intended repository, inspect the generated .env and shell scripts, replace every placeholder secret before any production use, and review package files before allowing generated frontend scripts to run npm install.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill explicitly instructs users to run a setup script that reads and writes project files and generates shell startup scripts, yet it declares no permissions. That mismatch can cause an agent platform or reviewer to underestimate the skill's ability to modify repositories and execute commands, increasing the risk of unauthorized file changes or shell execution in arbitrary project paths.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger criteria are broad enough to activate on ordinary requests about environment setup, which can cause the skill to run in contexts the user did not intend. Because this skill performs file generation and shell-oriented setup, over-broad invocation increases the chance of unintended repository modifications or execution guidance being applied to the wrong project.

Credential Access

High
Category
Privilege Escalation
Content
def generate_env_file(env: str, config: dict) -> str:
    """Generate .env file content for a specific environment."""
    settings = {
        "dev": {
            "APP_ENV": "development",
Confidence
95% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
def generate_env_file(env: str, config: dict) -> str:
    """Generate .env file content for a specific environment."""
    settings = {
        "dev": {
            "APP_ENV": "development",
Confidence
97% confidence
Finding
.env

VirusTotal

66/66 vendors flagged this skill as clean.
