deadcode

Security checks across malware telemetry and agentic risk

Overview

This is mostly a coherent local dead-code scanner, but it needs review: some optional commands make persistent changes, and unsafe input handling could allow crafted local input to be executed.

Install only if you trust the publisher and are comfortable with local shell scripts. Prefer using the scan command first, review any hook installation before running it, and avoid passing untrusted license keys or ignore patterns until the input-handling issue is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 95%
Finding:
This script goes beyond passive dead-code analysis by installing and removing git hooks and modifying repository files. Those side effects create persistent changes to the user's development environment and repo state, which is risky for a tool presented primarily as a scanner, especially because the changes happen without an explicit confirmation step.

Context-Inappropriate Capability

Severity: Medium
Confidence: 94%
Finding:
The hook installation path edits lefthook.yml in the repository and can persist code execution on future commits. For a dead-code detector, modifying git hook configuration is a privileged side effect that can surprise users and expand the trust boundary from one-time analysis to ongoing automatic execution.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding:
Hook installation writes or appends to repository configuration without a confirmation prompt or explicit warning. That can lead to unexpected persistent repo changes and automatic execution during future commits, which is dangerous in security-sensitive or shared repositories.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The ignore-rule command silently creates or modifies the user's global OpenClaw config under $HOME, making persistent changes outside the current repository. Silent writes to global configuration are risky because they can affect future tool behavior across projects and are not obvious to the user at the time of execution.

VirusTotal

67/67 vendors flagged this skill as clean.