UAPI GitHub Repository Lookup API

Security checks across malware telemetry and agentic risk

Overview

This skill is a small GitHub repository lookup wrapper with disclosed third-party API use and no local execution or persistence.

Install this only if you want an agent to look up GitHub repository metadata through UAPI. Use it for clear GitHub repo questions, avoid sending sensitive private/internal repository names unless appropriate, and do not use returned contributor emails for scraping, spam, or profiling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger list includes the standalone keyword "repo," which is highly ambiguous and can match many unrelated requests involving repositories outside the intended GitHub-repo lookup use case. This can cause unintended skill routing, leading the agent to invoke an external API with user data or context that was meant for a different tool or no tool at all.

Vague Triggers

Medium
Confidence: 90%
Finding
The keyword list contains ambiguous phrases like "repo" and even "github repo" without clear scope constraints, which increases the chance of accidental activation from casual or partial matches. In an agent environment, overly broad triggers are dangerous because they can redirect workflow decisions and cause unintended external requests or incorrect responses.

Vague Triggers

Medium
Confidence: 89%
Finding
The skill enables implicit invocation without defining clear trigger phrases, parameter guards, or scope limits, so the agent may call the GitHub repo endpoint in situations where the user did not explicitly request it. This can cause unintended external requests, incorrect tool selection, and possible leakage of user-provided repository identifiers or related context to a third-party API.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly advertises returning collaborators, maintainers, and their public email addresses without any warning about privacy sensitivity, consent, or appropriate use. Even if the emails are publicly available upstream, aggregating and surfacing them in a convenience API increases discoverability and can facilitate scraping, profiling, spam, or targeted phishing against project contributors.

VirusTotal

62/62 vendors flagged this skill as clean.
