Security audit
Clawhub Github Publish BkCCGK
Security checks across malware telemetry and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
Before installing, make sure you are comfortable running the npm package, providing a Mistral API key, and sending selected project data or media to Mistral. In sensitive environments, pin the npm version, keep tool approvals on for delete/batch/workflow actions, and use a revocable key with usage monitoring. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
VirusTotal
66/66 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
