Security audit

Codebase Search

Security checks across malware telemetry and agentic risk

Overview

This skill locally indexes Python code for semantic search, with the main caution being that it stores source-derived snippets in a persistent local index.

Install only in repositories you intend to index. Add `.codebase_index/` to `.gitignore`, use a virtual environment, consider pinning `chromadb`, and exclude files that may contain secrets or private code you do not want copied into a local search index.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence: 87%
Finding
The skill says the index persists under `.codebase_index/`, but it does not clearly warn that repository source content, symbol metadata, docstrings, and derived searchable representations will be stored on disk. In sensitive codebases, this can create an untracked local cache of proprietary or secret-adjacent material that may be retained longer than expected or accidentally exposed via backups, sharing, or misconfiguration.

Missing User Warnings

Medium
Confidence: 84%
Finding
The code persists source-derived content, including docstrings and code snippets, into a local ChromaDB collection under a predictable directory without any disclosure, consent flow, retention control, or sensitivity filtering. In the context of a codebase-search skill, this increases the chance that proprietary code, secrets accidentally present in source/comments, or sensitive internal logic are stored long-term and later exposed to other local users, tools, or future queries beyond the original indexing intent.

VirusTotal

66/66 vendors flagged this skill as clean.
