ClawHub
Back to skill

Security audit

ProClaw Logo Design Mastery(logo 设计专家)

Security checks across malware telemetry and agentic risk

Overview

The skill pack contains disclosed ClawHub and Convex workflow helpers, including some powerful moderation and review commands, but I did not find hidden or unrelated behavior.

Install only if you trust the repo and intend to give the agent operational authority over ClawHub or Convex work. Before running moderation, deployment, migration, proof publishing, or autoreview commands, confirm the exact target and expected effect; use the autoreview --no-yolo option if you do not want nested review to run with broad local access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.