Back to skill

Security audit

Skill Dual Publish

Security checks across malware telemetry and agentic risk

Overview

The skill is clearly about publishing skills, but it tells agents to automatically run external publishing actions without a fresh user confirmation.

Review before installing. Use only if you want an agent to publish skills to GitHub and ClawHub with your logged-in accounts, and prefer running it with --dry-run first. Confirm the target skill path, GitHub visibility, slug, version bump, and exact files before allowing any real publish command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to automatically publish to GitHub and ClawHub and to do so immediately after certain events, but it does not require an explicit user confirmation at the point of execution. Because these actions create repositories, push code, modify metadata, and publish externally, the absence of a clear consent/impact warning can lead to unintended data exfiltration or irreversible remote changes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.