Claude Doc Doctor

Security checks across malware telemetry and agentic risk

Overview

Doc Doctor is a disclosed documentation linter and fixer, with expected local file access and optional Claude memory scanning that users should treat cautiously.

Install only if you trust the kb-lint package and want an agent to inspect and potentially edit markdown files. Use it in a backed-up or git-tracked workspace, review proposed changes before applying them, and enable memory mode only if you are comfortable scanning ~/.claude/.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding:
The skill prominently advertises automatic fixes, including renaming files and updating references, but does not present an upfront warning that it may modify project content. This creates a real safety issue because users may invoke a seemingly diagnostic action and trigger broad file changes without informed consent, especially in documentation repositories where renames can affect tooling, links, and workflows.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
The memory-mode feature explicitly targets ~/.claude/, which is likely to contain personal or sensitive assistant memory data, yet the skill does not clearly warn users that these files may be scanned and potentially altered. That is dangerous because it expands the scope from project docs to private local state, increasing privacy and integrity risks if the user does not understand what will be accessed.

VirusTotal

VirusTotal findings are pending for this skill version.
