Github App Authentication

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate GitHub App authentication helper; it handles powerful GitHub credentials, but the documented behavior matches that purpose.

Install this only if you intend agents or automation to act as a GitHub App. Use a narrowly scoped GitHub App, protect the private key and any printed tokens, avoid exposing token output in logs or chats, and remember that configured git or gh commands may continue using the app identity until reset.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly documents `ghapp token` but does not warn that it prints a live GitHub App installation token to stdout. In agent, CI, or shared terminal contexts, stdout is commonly logged, copied, or surfaced to other tools, so this can lead to credential exposure and subsequent repository or API access.

Missing User Warnings

Medium
Confidence: 86%
Finding
The skill recommends `ghapp auth configure` without clearly warning that it modifies local `git` and `gh` authentication behavior. This can unexpectedly change how future commands authenticate across repositories, causing credential confusion, unintended privilege use, or persistent system-level side effects that users did not anticipate.

Missing User Warnings

Low
Confidence: 79%
Finding
The skill lists `ghapp update` as a normal command without warning that it performs a self-update and changes installed software. While not inherently malicious, undisclosed self-modification can surprise users and automation, altering binaries or behavior in ways that affect trust, reproducibility, and supply-chain risk.

VirusTotal

64/64 vendors flagged this skill as clean.
