Wireshark Analysis

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Wireshark analysis guide whose sensitive packet-capture behavior is expected for its purpose and mostly disclosed.

Install only if you are authorized to inspect the relevant network traffic. Use capture filters, stop captures promptly, protect PCAPs as sensitive data, and treat exported HTTP objects as untrusted files that may contain malware or confidential information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill instructs users to start a live packet capture immediately but does not prominently warn that doing so can collect credentials, session tokens, personal data, and unrelated third-party traffic. In a security-analysis context this omission can lead to accidental overcollection and privacy or compliance violations, especially for inexperienced users.

Missing User Warnings

Medium
Confidence: 88%
Finding
The export guidance tells users how to extract HTTP objects without warning that the recovered files may contain malware, exploits, confidential documents, or regulated data. This can cause unsafe handling of untrusted content, including accidental opening or redistribution of malicious or sensitive files during analysis.

VirusTotal

66/66 vendors flagged this skill as clean.
