Auto Dev Pipeline

Security checks across malware telemetry and agentic risk

Overview

This skill openly describes a hands-off workflow that generates app requirements, SwiftUI code, and tests, with no evidence of hidden or malicious behavior in the reviewed artifact.

Install this only if you want an automated pipeline that creates PRDs, code, and tests on disk. Confirm you trust the referenced PRD, development, and QA skills, avoid putting secrets into app prompts, and review generated code before building or publishing it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger mechanism is defined with very broad natural-language examples and no explicit guardrails, approval step, or eligibility checks. In a skill that automatically chains PRD generation, code generation, and test creation, this can cause unintended invocation and unreviewed downstream actions such as spawning sub-agents and writing artifacts to disk.

Vague Triggers

Medium
Confidence: 91%
Finding
The top-level description says to use the skill whenever a user provides a simple app idea and wants a fully automated process, which is overly permissive for a skill that performs multi-stage autonomous actions. This increases the chance the skill will activate in contexts where the user was only brainstorming, leading to unintended code generation and file creation.

Missing User Warnings

Medium
Confidence: 94%
Finding
The workflow describes automatic creation of PRDs, projects, and test suites across multiple output directories, but does not prominently warn that the skill will write substantial artifacts to disk without manual intervention. This weakens user consent and increases the risk of surprise file creation, workspace pollution, or unintended persistence of generated content.

VirusTotal

65/65 vendors flagged this skill as clean.
