ClawHub

log-to-incident-report

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward log-to-incident-report assistant, but users should redact sensitive log data before using it.

Install only if you are comfortable pasting logs into the agent context. Redact API keys, tokens, cookies, session IDs, private hostnames, personal data, and regulated information first. Treat the README API_KEY and write-mode examples as poorly documented template residue unless the publisher clarifies what service is used and whether any files are created or modified.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The file defines a full test runner in `_main()` that executes all tests, but later redefines `_main()` to call `_run_unit_tests()`, which is undefined. As a result, running the file as instructed will crash instead of executing the validation suite, undermining integrity checks and allowing packaging or policy violations to go undetected.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The README instructs users to supply an API key but provides no guidance on secure handling, storage, rotation, or the privacy implications of sending logs to an external service. Because this skill processes error logs, users may include secrets, tokens, stack traces, or personal data, increasing the chance of credential exposure or sensitive-data leakage to third parties.

Missing User Warnings

Medium
Confidence
80% confidence
Finding
The README advertises a write mode with an input file but gives no warning about whether it may overwrite files, transform data, or emit artifacts. In a tool ecosystem where users may execute commands directly from documentation, undocumented write behavior can lead to unintended file modification or data handling surprises.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This skill explicitly asks users to paste logs, but logs frequently contain secrets, tokens, session IDs, internal hostnames, personal data, and stack traces with sensitive context. Without a warning or redaction guidance, users may disclose confidential information into the model context, creating privacy, credential exposure, and downstream data-handling risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal