Skill Dual Publish

Security checks across malware telemetry and agentic risk

Overview

This skill is for publishing skills, but it tells the agent to automatically perform live GitHub and ClawHub publishing actions that can expose code or change accounts without a clear per-run confirmation step.

Install only if you want your agent to publish skills to GitHub and ClawHub. Before using it, inspect or provide the referenced skill-publish-dual.sh script, prefer --dry-run first, and require explicit confirmation for the target skill, repository visibility, version bump, files to publish, and whether GitHub and ClawHub publishing should both proceed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill explicitly instructs the agent to automatically run a publishing workflow immediately after certain events and to perform remote actions such as repository creation, git push, homepage modification, and ClawHub publication. This is dangerous because it authorizes consequential local and external state changes without requiring an explicit per-run user confirmation, increasing the risk of unintended code publication, data exposure, or supply-chain mistakes.

VirusTotal

64/64 vendors flagged this skill as clean.