Skills Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate marketplace search tool, but its install path can change the user's agent environment with too little review or confirmation.

Use this mainly for searching. Before installing any result, verify the exact package name, source marketplace, publisher, and permissions, and be aware that added skills may persist and affect future agent behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 91%
Finding
The activation examples include very broad phrases such as equivalents of 'what can you do' and 'recommend', which can match ordinary conversation rather than an explicit request to search external skill marketplaces. In this skill's context, accidental triggering is more dangerous because the documented behavior includes real-time marketplace search and one-click installation, creating a path from casual user text to network activity or environment modification.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill advertises one-click installation and provides install commands, but does not clearly warn that these commands can fetch packages from external registries and modify the user's local environment. That omission increases the chance of uninformed consent and unsafe execution, especially since this skill searches third-party marketplaces and may lead users directly from recommendation to installation.

Missing User Warnings

Medium
Confidence: 94%
Finding
The install flow runs remote NPX-managed package commands that may download and execute code or modify the local skill environment without an explicit warning, confirmation, or trust boundary. In the context of a skill finder that encourages one-click installation from external marketplaces, this increases the chance of users executing untrusted third-party code with little friction.

VirusTotal

64/64 vendors flagged this skill as clean.
