Clawhub auto publisher

Security checks across malware telemetry and agentic risk

Overview

This is a local helper, disclosed as such, for scanning OpenClaw skills and preparing them for publication; the included code currently performs no real upload or network transfer.

Use --dry-run first and review every skill it lists. Provide a ClawHub API key only if you intend it to carry publishing authority, and reassess any later version that implements the TODO upload function, since that would change the data-transfer risk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 84%
Finding
The skill documentation instructs users to supply a CLAWHUB_API_KEY and publish local skills, which implies use of environment-sourced secrets and outbound publication behavior, yet no permissions are declared. This creates a transparency and trust problem: users and platform controls may not be properly informed that the skill accesses sensitive credentials and can transmit local content to an external marketplace.

Missing User Warnings

Medium
Confidence: 92%
Finding
The quick-start instructions encourage bulk publishing of local skills after configuring an API key, but do not warn users that local skill contents, metadata, pricing information, and possibly embedded secrets in packaged files may be sent to an external service. In a bulk workflow, this omission increases the risk of accidental disclosure or publication of sensitive or private assets.

VirusTotal

66/66 vendors flagged this skill as clean.