Diff Impact

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed code-change impact analyzer; it reads repository diffs and a local knowledge graph for its stated purpose, with no evidence of hidden execution, credential use, exfiltration, or destructive behavior.

Install this if you want repository change-impact reports. Be aware it may inspect git diffs and use or create a local code knowledge graph, so use it only in repositories where that local indexing is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 90%
Finding
The activation conditions are broad enough to trigger on common development contexts such as any pre-commit, pre-merge, or refactoring workflow, which can cause the skill to run when the user did not explicitly request this analysis. In an agent environment, overbroad auto-activation can lead to unnecessary repository inspection and command execution suggestions, increasing the chance of unintended actions and prompt-surface abuse.

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger phrase '影响分析' is highly generic and likely to appear in ordinary conversation, making accidental activation plausible. This is dangerous because the skill encourages repository diff inspection and follow-on tool invocation, so a casual phrase could unexpectedly expand the agent's scope of work and expose code structure or sensitive module relationships.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger field uses broad natural-language phrases for common workflows like impact analysis and PR review, which can cause the skill to be invoked in contexts the user did not explicitly intend. Unintended invocation can expose repository context, influence review workflows, or cause the agent to perform analysis on sensitive changes when a narrower skill should have been selected.

Natural-Language Policy Violations

Medium
Confidence: 83%
Finding
The metadata constrains description and triggering to Chinese-only phrasing, which can bias invocation and usability toward a single language without indicating that other languages are supported. This is primarily a safety and accessibility issue: users may misunderstand the skill's scope or be unable to invoke or inspect it correctly, increasing the chance of misoperation.

VirusTotal

65/65 vendors flagged this skill as clean.
