
Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only helper for finding and installing other skills, but users should review any suggested global install before approving it.

Use this skill mainly for explicit skill discovery. Before installing anything it suggests, check the exact package name, publisher, repository, and skills.sh page, and consider removing `-y` or avoiding `-g` unless you intentionally want a persistent user-level skill installed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 84%
Finding
The top-level description says the skill should be used for broad prompts like 'how do I do X' or any interest in extending capabilities, which can cause the agent to invoke this skill for many ordinary requests. That over-broad routing increases the chance of unnecessary exposure to external package discovery and installation flows, even when the user did not explicitly ask to search or install third-party skills.

Vague Triggers

Medium
Confidence: 88%
Finding
The 'When to Use This Skill' section includes ambiguous triggers like 'can you do X' and 'mentions they wish they had help,' which are common conversational patterns unrelated to package installation. In a skill whose purpose is to discover and install external skills, ambiguous invocation conditions create a confused-deputy risk and can steer users into third-party installation paths unnecessarily.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill tells the agent it can install a skill using 'npx skills add <owner/repo@skill> -g -y', which performs global installation from external sources while suppressing confirmation prompts. This is dangerous because it reduces user review, increases the chance of installing an untrusted or typosquatted package, and expands the blast radius through global installation.

VirusTotal

66/66 vendors flagged this skill as clean.
