ClawHub

Pilot Code Review Pipeline Setup

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed setup guide for a multi-agent code review pipeline, but users should treat its Slack, webhook, and GitHub reporting as sensitive outbound sharing.

Before installing, confirm that the dependent pilot bridge skills and pilotctl binary are from sources you trust. Use restricted GitHub and Slack credentials, send notifications only to approved channels or webhooks, and avoid forwarding raw vulnerability details from private repositories unless your organization allows it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README explicitly states that review results are posted to Slack and external systems, but it does not warn that PR metadata, file names, issue details, or code-review findings may leave the local review environment. In a code-review pipeline, those results can contain sensitive internal repository information, so enabling automatic outbound sharing without disclosure or guidance creates a real data exposure risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The example commands show PR identifiers, repository names, finding details, and review outcomes being published across agents and then to Slack, again without warning about sensitivity or leakage. Because this skill is specifically designed to automate code-review workflows, the context makes the issue more dangerous: users are encouraged to operationalize outbound transmission of potentially sensitive security findings as normal behavior.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill configures a reporter role that sends review data to external systems including GitHub webhooks and Slack, but the setup guidance does not clearly warn the user that PR metadata, findings, and comments may leave the local agent network. This can cause unintended disclosure of code review results, repository identifiers, or sensitive findings, especially in private or regulated environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal