ClawHub

Remote Agent Scheduler

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for managing scheduled cloud agent runs; its persistence and connector access are disclosed enough to be acceptable, but users should review each trigger carefully.

Before installing or using this skill, confirm which cloud account, repository, environment, connectors, cron schedule, and prompt payload will be used. Do not create, update, or run a remote trigger unless the final trigger details and expected side effects are clear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This is a real safety weakness: the skill enables creation and management of recurring remote agents that may access repositories, environments, and connectors, yet it does not warn users that these jobs can perform ongoing cloud actions affecting data or systems. In this context, omission matters because scheduled remote execution increases blast radius and persistence; a user may authorize or configure automation without fully understanding the scope of access or recurring effects.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The default prompt is broad enough to activate on common scheduling-related requests without clearly requiring remote/cloud execution intent. That can cause the wrong skill to engage, steering ordinary user requests into remote agent configuration flows with elevated operational consequences such as unintended cloud runs, repo selection, or environment handling.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal