ClawHub

Cuihua Monorepo Manager

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a simple read-only monorepo helper, though its description promises more automation than the included code actually provides.

This is reasonable to install for basic repository package inspection. Expect it to read package.json files in the current project; do not expect the advertised automated versioning, CI optimization, or full build planning unless future versions add that functionality, and review those future versions before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
This is a mismatch because the description claims broad monorepo management capabilities including automation of workspace orchestration, dependency management, and build optimization, but the code only performs basic workspace analysis and package listing. There is no AI behavior, no orchestration, no dependency management beyond reading dependency fields, and no build optimization. The code does not appear to have hidden unrelated behavior, but its actual functionality is materially narrower than the declared purpose.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The markdown lists activation-style phrases like "Analyze monorepo dependencies," "Optimize build order," and "Detect affected packages" without clarifying whether these are exact triggers, examples, or constrained to a specific tool context. Because the file does not provide negative examples or scope limits, these common task phrasings could cause unintended invocation in ordinary conversation about monorepos.

VirusTotal

50/50 vendors flagged this skill as clean.

View on VirusTotal