File Manager

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims by managing local files, but users should treat its move, delete, and sync examples as real file-changing operations.

Install only if you are comfortable with scripts that can change local files. Use preview or scan-only modes first, verify source and target directories carefully, keep backups before broad sync or delete actions, and avoid scheduled automation until tested on a non-critical folder.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence: 91%
Finding
The safety section claims all modifying actions default to dry-run and require an explicit execution flag, but the provided examples show commands that would perform organizing/sync actions directly without that visible safeguard. This mismatch can cause operators or downstream agents to trust a non-existent safety barrier and execute destructive file changes unintentionally.

Intent-Code Divergence

Medium
Confidence: 88%
Finding
The document states existing target files will not be overwritten, yet the sync example uses --mirror semantics, which commonly imply making the destination exactly match the source, including replacement or deletion. This contradictory guidance is dangerous because users may run a high-risk synchronization mode while believing conflict protection still applies.

Missing User Warnings

Medium
Confidence: 89%
Finding
The document provides directly executable backup and mirroring commands using `--mirror --execute` without warning that mirroring can overwrite or delete destination files if paths or exclusions are wrong. In a file-management skill, users are especially likely to copy and run these commands, so omission of safety guidance materially increases the risk of accidental data loss.

Missing User Warnings

Medium
Confidence: 84%
Finding
The scheduled organization example automatically moves files from `~/Downloads` every hour with `--execute --move`, but does not explain that this can unexpectedly relocate active downloads, break user workflows, or move files the user has not reviewed. Because this skill is specifically for automated file operations, such unattended movement is more dangerous than in a purely informational context.

VirusTotal

58/58 vendors flagged this skill as clean.
