ClawHub

Writes ralph loops for you that you can copy and paste

Security checks across malware telemetry and agentic risk

Overview

This skill does not run code itself, but it creates copy-paste automation loops that default to reduced-permission-check modes and lacks strong review warnings.

Install only if you understand that the generated commands may run AI coding tools repeatedly with normal approval prompts disabled. Before running any output, inspect the full command, remove no-approval flags unless necessary, prefer fixed iteration limits and stop files, and test in a version-controlled or disposable workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The skill explicitly generates commands with `--dangerously-skip-permissions`, `--yolo`, and `grok-auto` auto-approval behavior, which suppresses interactive safety and permission checks. In a loop generator, this materially increases the chance of unattended destructive actions, especially because the commands are designed for repeated execution against arbitrary `PROMPT.md` content.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README instructs users to copy a generated terminal command, paste it into a shell, and press Enter without any warning to inspect the command first. Because this skill generates automation loop commands for multiple shells and AI tools, an unsafe or malformed command could trigger repeated execution, modify files, or run unintended actions at scale, making the missing review step materially risky.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill generates and persists commands that bypass safety and permission checks without prominently warning the user in the skill description or generation flow. Saving a ready-to-run file makes risky execution easier and more likely, particularly for users who may copy-paste commands without understanding that approval safeguards have been disabled.

Missing User Warnings

High
Confidence
98% confidence
Finding
The recommended Gemini and Grok commands use `--yolo` and `grok-auto`, both of which imply automatic approval or reduced oversight during execution. In the context of iterative automation loops, these options can enable repeated high-impact actions from model output without human review, magnifying the consequences of prompt injection, model mistakes, or harmful instructions in `PROMPT.md`.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal