ClawHub Skill Publisher

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ClawHub publishing helper that uses local credentials and CLI commands for its stated purpose, with one non-security content gate users should understand.

Install only if you are comfortable giving the skill access to a ClawHub token with publishing authority. Prefer a scoped token if available, review the exact skill path or sync root before running, use dry-run where possible, avoid untrusted registry overrides, and be aware that the default single-skill preflight blocks CJK text unless explicitly allowed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Natural-Language Policy Violations

Medium (96% confidence)
Finding
The README documents a policy that blocks publishing when CJK characters are detected unless explicitly allowed, which is a content restriction based on language/script rather than a clearly scoped technical risk. In a publishing assistant, this creates discriminatory behavior and can improperly prevent legitimate multilingual skills from being released, especially if operators rely on the documented behavior as an enforced safety gate.

Natural-Language Policy Violations

Medium (97% confidence)
Finding
The skill states that its default policy blocks Chinese/CJK text from skill payloads before publishing, with only an override flag to bypass the restriction. This introduces discriminatory behavior unrelated to security, can cause unjustified denial of service for legitimate content, and may push users to weaken checks globally with broad override flags rather than using narrowly tailored validation.

VirusTotal

66/66 vendors flagged this skill as clean.
