ClawHub

debug detective

Security checks across malware telemetry and agentic risk

Overview

This is a broad debugging reference with powerful manual diagnostics, but its behavior is coherent and not hidden or automatically executed.

Install if you want a detailed debugging guide. Before running examples, review any scaffolded file changes, avoid using real secrets directly in shell commands, keep packet captures and traces private, and run sudo or production diagnostics only on systems you are authorized to inspect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The packet-capture guidance recommends tcpdump usage, including ASCII payload inspection, without warning that captures may contain credentials, session cookies, API tokens, PII, or regulated traffic. In a debugging skill, users may copy these commands directly in production, creating an avoidable data-exposure risk.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The logging and observability examples encourage recording user IDs, IP addresses, headers, emails, and payment-related context with only limited mention of scrubbing in one Sentry snippet. Without strong privacy guidance, this normalizes collecting sensitive data in logs and traces, which can later be exfiltrated or mishandled.

External Transmission

Medium
Category
Data Exfiltration
Content
-o /dev/null -s https://api.example.com/health

# Test specific HTTP method with headers
curl -X POST https://api.example.com/data \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $TOKEN" \
  -d '{"key": "value"}' \
Confidence
71% confidence
Finding
https://api.example.com/

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
tcpdump -r capture.pcap

# Show packet contents as ASCII
sudo tcpdump -A -i any port 8080

# Count packets per source IP
sudo tcpdump -i any -c 1000 -nn 2>/dev/null | awk '{print $3}' | sort | uniq -c | sort -rn
Confidence
76% confidence
Finding
sudo

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal