Class Seven

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed multi-agent development workflow skill, but users should be careful with sensitive logs, private code, and the suggested installer commands.

Install only if you want a multi-agent development workflow. Before using it on private projects, decide which agents and model providers may see the data, redact sensitive logs and code, and prefer verified vendor installation steps over piping remote scripts directly into PowerShell.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings
Medium, 93% confidence

Finding
The example sends production logs to a spawned analysis agent without any guardrail, redaction step, or warning that logs may contain secrets, personal data, tokens, or internal identifiers. In this skill's context, multi-agent orchestration explicitly routes content to different tools/models, which increases the likelihood of unintended disclosure to external providers or additional processing surfaces.

Missing User Warnings
Medium, 96% confidence

Finding
The workflow fetches full PR content and distributes it to multiple review agents, some explicitly using external models, without notifying the user that source code, comments, metadata, or embedded secrets may be transmitted outside the primary environment. Because this skill is designed to fan out data across several agents, the exposure surface is amplified and can leak proprietary code or sensitive repository information.

Missing User Warnings
Medium, 96% confidence

Finding
The guide instructs users to execute remote PowerShell installer scripts via `irm ... | iex` without any integrity verification, signature checking, pinning, or safety warning. In a developer workflow skill, this is particularly dangerous because users are likely to copy-paste these commands verbatim, creating a straightforward supply-chain compromise path if the remote endpoint is malicious or later compromised.

VirusTotal

66/66 vendors flagged this skill as clean.