ClawHub Publisher

Security checks across malware telemetry and agentic risk

Overview

This is a real ClawHub publishing helper, but its packaging logic can accidentally include generated bundles and local path details in what gets published.

Review before installing if you plan to publish with it. Use dry-run or interactive mode first, inspect the .clawhub-publisher output, remove generated archives and local path details before publishing, and only use --yes after confirming the exact package and active ClawHub account.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill explicitly instructs the user to run shell commands such as `npm install`, `npm run build`, and `node dist/index.js ...`, but no declared permissions are present to signal that shell access is required. This creates a transparency and trust problem: users or calling systems may invoke the skill without understanding it relies on command execution, which can increase risk if the bundled CLI or build scripts perform unexpected actions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal