Spec Miner

Security checks across malware telemetry and agentic risk

Overview

This skill is a code-documentation helper that reads a project and saves a spec file, with some expected caution around shell access and sensitive config files.

Install this if you want an agent to inspect a codebase and generate documentation. Use it only on repositories you are willing to analyze, review or approve any Bash commands before they run, and tell the agent not to copy secret values from .env or config files into the generated spec.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Low
Confidence: 82%
Finding
The manifest describes the skill as being used to understand legacy systems and create documentation from existing code, with scope marked as 'review'. However, the instructions explicitly direct the agent to save a generated specification file under `specs/{project_name}_reverse_spec.md`, which goes beyond passive review into producing and persisting new artifacts.

Vague Triggers

Medium
Confidence: 94%
Finding
This markdown file defines triggers such as "code analysis," "undocumented," "existing system," and "understand codebase," which overlap with common developer requests and lack clear boundaries. The skill does not provide exclusions or negative examples to clarify when it should not activate, making invocation scope ambiguous.

Missing User Warnings

Medium
Confidence: 89%
Finding
The markdown instructs the agent to save output as `specs/{project_name}_reverse_spec.md`, which is a file write affecting user data or workspace contents. There is no accompanying warning that the skill creates or modifies files, nor any note about confirming the target path or overwriting behavior.

VirusTotal

65/65 vendors flagged this skill as clean.
