concurrencyguard

Security checks across malware telemetry and agentic risk

Overview

ConcurrencyGuard is a local code-scanning skill with disclosed git-hook and baseline features, but users should treat its findings as heuristic and review persistent workflow changes before enabling them.

Install only if you want a local heuristic concurrency scanner. Review hook installation before running it because it changes commit behavior, review baseline files because they suppress known findings, and treat reported race-condition findings as leads to verify rather than definitive vulnerabilities.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Context-Inappropriate Capability

Medium
82% confidence
Finding
The team report performs `git blame` author attribution for each finding, which goes beyond stated concurrency analysis and can expose contributor identity and performance-like analytics in generated output. In enterprise or shared environments, this can leak personal/workflow metadata and create privacy or misuse risks, especially if reports are broadly distributed or uploaded to CI artifacts.

Intent-Code Divergence

Medium
98% confidence
Finding
The comments describe JWT-based offline validation, but the implementation only performs full HMAC signature verification when CLAWHUB_JWT_SECRET is present. Otherwise, any attacker who can supply a syntactically valid three-part token with a non-empty signature can forge claims such as tier or expiry, enabling license bypass and undermining trust in authorization checks across the skill.

Intent-Code Divergence

Medium
95% confidence
Finding
The LK-003 rule claims to detect missing unlock protection, but the regex only matches any Lock()/RLock() call. In a security analyzer, this causes broad false positives that desensitize users to findings and can hide real concurrency defects behind noisy output.

Intent-Code Divergence

Medium
94% confidence
Finding
The LK-006 rule treats all sync.Mutex usage as a problem even though using Mutex is often correct and safe. This undermines analyzer accuracy and can pressure users into inappropriate locking changes, reducing trust in truly important warnings.

Intent-Code Divergence

Medium
96% confidence
Finding
The LK-009 rule says it detects missing lock usage in Python, but it merely matches an import of threading. That creates misleading high-severity findings for benign code and increases alert fatigue in a tool that users may rely on for secure concurrency review.

Intent-Code Divergence

Medium
95% confidence
Finding
The AW-002 rule equates any .then()/.catch() usage with a missing await, but promise chaining is often intentional and safe. Misclassifying common async patterns as critical can overwhelm users with bad guidance and obscure actual unhandled-async or fire-and-forget defects.

Intent-Code Divergence

Medium
93% confidence
Finding
The TS-001 rule labels a bare static instance field as a thread-unsafe singleton, but that declaration alone does not prove singleton behavior or unsafe publication. In a concurrency security tool, such overclaiming produces misleading critical alerts and reduces the credibility of genuine race-condition findings.

Intent-Code Divergence

Medium
98% confidence
Finding
The TS-007 rule is internally contradictory: it says shared Pattern/Regex objects are unsafe, while the recommendation correctly notes Pattern is thread-safe and only Matcher is not. This can directly mislead developers into 'fixing' safe code and distract from real thread-safety issues involving mutable matcher state.

Missing User Warnings

Low
77% confidence
Finding
Installing a pre-commit hook changes repository behavior and can block or alter the user's normal commit flow on future commits. Even though this is user-invoked and documented, the lack of a prominent warning/confirmation increases the risk of surprising persistent modification to the developer environment.

Missing User Warnings

Low
79% confidence
Finding
The baseline command creates a suppression file that can affect future scan visibility, and if overwritten silently it may erase prior review decisions or mask issues. In a security-analysis tool, unexpected baseline creation is especially sensitive because it can reduce detection fidelity over time.

VirusTotal

66/66 vendors flagged this skill as clean.