Kubernetes Skills

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Kubernetes browser automation skill whose sensitive capabilities are expected for its stated purpose, but users should handle credentials and production-changing UI actions carefully.

Install only if you intend to let the agent operate Kubernetes-related web dashboards. Use least-privilege, short-lived credentials; verify target URLs before sending headers or passwords; avoid screenshots/content dumps of sensitive pages; prefer local browser execution for sensitive clusters; and require an explicit human confirmation before ArgoCD sync or any production-changing action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding:
The skill explicitly demonstrates sending an Authorization bearer token to a remote web UI via browser automation without any warning about token handling, origin validation, logging, or screenshot/content exposure. In this context, browser sessions may persist credentials, leak them to unintended endpoints, or normalize unsafe operator behavior when interacting with external Grafana or similar dashboards.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The ArgoCD workflow includes a sync action that can modify live cluster state, but it is presented as a routine browser click sequence with no warning, confirmation guidance, or distinction between read-only and mutating operations. This increases the chance of accidental deployment changes, especially because the skill is designed to automate admin web interfaces for Kubernetes environments.

VirusTotal

65/65 vendors flagged this skill as clean.
