Security audit

Clawhub Publish Security

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a security-scanning helper with one detection-quality weakness, not evidence of harmful behavior.

This looks reasonable to install if you understand it is not a complete secret-scanning guarantee. Review or test its allowlist before relying on it to block publication of local paths, usernames, or other sensitive project content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 90%
Finding
The scanner claims to prevent accidental publication of sensitive information, but its placeholder allowlist explicitly treats specific real-looking personal path examples such as `Users\\vilda` as safe. That creates a blind spot where actual personal identifiers or path fragments can be exempted from detection, undermining the scanner’s security guarantees and potentially allowing sensitive data to be published unnoticed.

VirusTotal

62/62 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.