CIS Benchmark Audit

Security checks across malware telemetry and agentic risk

Overview

This is a read-only network compliance audit guide; it may expose sensitive device configuration, but that access fits its stated purpose.

Install only for authorized network audits. Use read-only accounts scoped to approved devices, review commands before running them, and treat collected usernames, SNMP settings, authentication details, firewall policies, routing data, NAT/decryption rules, and session information as confidential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The file’s top-level description frames the entire command set as non-modifying read-only verification suitable for production audit. While `test security-policy-match` may not change configuration, it is operationally different from the documented read-only `show` pattern and contradicts the file’s blanket claim that all commands are non-modifying verification commands.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This markdown file lists commands that retrieve sensitive security information such as user accounts, SNMP communities, authentication settings, and full running configurations, but the description only emphasizes that the commands are non-modifying and low-risk for change control. It does not warn that command output may contain secrets, infrastructure details, or other sensitive audit data that should be handled carefully.

Direct Prompt Extraction

High
Category
System Prompt Leakage
Content
| Function | CLI Command |
|----------|-------------|
| Full security policy (effective) | `show running security-policy` |
| Security policy hit counts | `show rule-hit-count vsys vsys1 security rules all` |
| Security Profile Groups | `show running profile-group` |
| Zone configuration and assignments | `show running zone` |
| Zone protection profiles | `show running zone-protection-profile` |
Confidence
85% confidence
Finding
show rule

VirusTotal

64/64 vendors flagged this skill as clean.
