ClawHub

Clawsec 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed security-monitoring skill, but it asks users to enable broad HTTPS interception with system trust changes and persistent traffic logs without enough guardrails.

Install only if you trust and separately review the actual ClawSec Monitor code you will run. Prefer per-process CA settings over system-wide trust-store installation, use it only where you are authorized to intercept traffic, protect or regularly delete captured logs, and plan how to remove the CA and any persistent Docker volume when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs users to set up full HTTPS MITM interception and modify trust stores, but it does not present a clear warning about the privacy, security, and system-wide consequences of installing a custom root CA. This can normalize interception of sensitive traffic and increase the chance of accidental over-collection, credential exposure, or persistent trust-store misconfiguration.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
-k /Library/Keychains/System.keychain /tmp/clawsec/ca.crt

# Ubuntu / Debian
sudo cp /tmp/clawsec/ca.crt /usr/local/share/ca-certificates/clawsec.crt
sudo update-ca-certificates

# Per-process (no system trust required)
Confidence
87% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
# Ubuntu / Debian
sudo cp /tmp/clawsec/ca.crt /usr/local/share/ca-certificates/clawsec.crt
sudo update-ca-certificates

# Per-process (no system trust required)
export REQUESTS_CA_BUNDLE=/tmp/clawsec/ca.crt   # Python requests
Confidence
87% confidence
Finding
sudo

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal