Skill for speeding up GitHub by modifying the hosts file, Windows only

Security checks across malware telemetry and agentic risk

Overview

The skill is transparent about speeding up GitHub on Windows, but it would make persistent system-wide hosts-file changes without enough confirmation, backup, or rollback safeguards.

Install only if you intentionally want an agent to change the Windows hosts file for GitHub routing. Before running it, require the agent to show the proposed entries, back up the existing hosts file, validate each GitHub domain separately, and provide exact rollback steps. Avoid granting administrator privileges for a general GitHub slowness question unless you have chosen this specific fix.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger list is broad enough to activate on generic mentions of GitHub slowness or hosts files, which can cause the agent to propose or initiate a privileged system configuration change in contexts where the user did not explicitly request it. Because the skill modifies network resolution behavior on Windows, unintended activation increases the chance of unnecessary or unsafe system changes.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs direct modification of `C:\Windows\System32\drivers\etc\hosts`, a privileged system file that affects name resolution for all applications, without a prominent warning about persistence, rollback, correctness risks, or possible connectivity/security side effects. Hardcoding or selecting a single 'fastest' IP for GitHub domains can break TLS routing assumptions, cause service instability, or redirect traffic incorrectly as CDN and service IPs change over time.

Missing User Warnings

Medium
Confidence: 98%
Finding
The script writes to the Windows hosts file and flushes DNS with no confirmation, no backup, and no clear disclosure inside the executable workflow, enabling silent persistent changes to system name resolution. In the skill context this is more dangerous because the script is framed as an optimization step, which may encourage users to run privileged code that can disrupt access to GitHub or other services if resolution becomes stale or incorrect.

VirusTotal

66/66 vendors flagged this skill as clean.
