Axios Security Check

v1.0.0

Checks for the March 2026 axios supply chain attack — two malicious npm versions (axios@1.14.1 and axios@0.30.4) that injected a RAT dropper via a fake depen...

by Chanrich Pisitjing @vjumpkung
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Benign
high confidence
Purpose & Capability
The skill name/description match the SKILL.md contents. All checks and remediation steps (lockfile checks, node_modules check, system artifact paths, CI log search, credential rotation, blocking C2) are relevant to investigating a supply-chain RAT introduced by malicious axios/npm packages.
Instruction Scope
Instructions explicitly direct reading project files (lockfiles, node_modules) and specific system paths (/Library/Caches/com.apple.act.mond, /tmp/ld.py, %PROGRAMDATA%\wt.exe), and include commands that modify system state (rm -rf, echo to /etc/hosts, iptables). Those actions are appropriate for remediation guidance, but they are destructive and require admin privileges — they should be run by a human or incident-response automation with explicit authorization. The SKILL.md does not request unrelated secrets or other system files.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is downloaded or written by an installer step, minimizing supply-chain install risk.
Credentials
The skill requests no environment variables or credentials. The remediation guidance correctly calls for rotating credentials if a compromise is confirmed; this is proportional to a post-compromise response and not a precondition of the skill.
Persistence & Privilege
always:false (good). Model invocation is allowed (default). Because the instructions include potentially-destructive system commands, granting an agent autonomous execution rights would increase risk; prefer human confirmation or restricted automation when performing these steps.
Assessment
This is a coherent, purpose-built guide for detecting and responding to the axios/npm compromise. Before using it: (1) do not let an agent run the remediation commands autonomously — require human approval; (2) run checks in an isolated environment or on a copy/backups to avoid contaminating evidence; (3) commands like rm -rf, iptables, and editing /etc/hosts require sudo and can be disruptive — review them before execution; (4) when compromise is confirmed, follow your org's incident-response process (preserve logs, rebuild from known-good media, rotate secrets listed in the guide); (5) verify IOCs (hashes, domain/IP) independently before blocking or taking network action. If you want stricter safety, restrict the skill from autonomous invocation or convert it into a read-only checklist that only suggests commands rather than running them.
