Back to skill

Security audit

Clawhub Search & Verify

Security checks across malware telemetry and agentic risk

Overview

This skill has a reasonable search-and-approve purpose, but its safety claims do not match what its included script can do.

Review before installing. Treat this as a CLI wrapper that can run local clawhub commands, use your logged-in ClawHub session, and write your search terms to disk. Do not rely on its Trusted/Suspicious labels as a real security review; independently inspect any target skill before approving installation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The script claims the logging is 'read-only, no side effects' but it appends the user's search term to a local log file. This is a real integrity and transparency issue because users are misled about data handling, and search terms may contain sensitive internal project names, credentials pasted by mistake, or other private queries.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
Search queries are written to disk without clear user notice, creating a privacy leak if the machine is shared, backed up, monitored, or later compromised. In the skill context, users may search for sensitive capability names or internal terms, so persistent logging increases exposure beyond the immediate CLI action.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.