DevTeam Command

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent coding automation tool, but it launches broad autonomous code-changing subagents without clear scope limits or approval checkpoints.

Install only if you are comfortable with a skill that can hand a coding task to multiple autonomous subagents. Use it in a disposable branch or sandboxed repository, review PLAN.md and TASKS.md before allowing implementation, avoid sensitive or production repositories, and watch for overlapping runs or unexpected file changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 95% confidence
Finding
The skill description explicitly says it can be used 'anytime' and 'for any coding task,' which creates an unbounded activation surface. In an agent environment, this encourages automatic routing of a wide range of requests into a multi-step autonomous pipeline without clear scope, authorization checks, or task-safety constraints, increasing the chance of misuse or unsafe delegation.

Vague Triggers

Medium, 91% confidence
Finding
The heading 'Call Anytime' reinforces unconstrained invocation and signals that the skill should be triggerable regardless of context. That kind of ambiguous cue is risky for agent orchestration because it can cause over-selection of this skill for requests that should instead require narrower tools, manual review, or explicit approval.

Vague Triggers

Medium, 96% confidence
Finding
The repeated 'reuse anytime' examples normalize unlimited re-invocation of the pipeline and encourage habitual triggering without contextual checks. In practice, this can amplify operational and security risk by making autonomous multi-agent execution the default response, even for tasks that may be sensitive, malformed, or outside intended scope.

VirusTotal

65/65 vendors flagged this skill as clean.
