ClawHub

flutter-cn-setup

Security checks across malware telemetry and agentic risk

Overview

This skill performs disclosed Flutter development-environment setup for macOS users in China, with normal lasting local configuration changes but no evidence of deception or data theft.

Install this only if you want the machine configured for Flutter development. Expect Homebrew/GitHub downloads, edits to ~/.zshrc or the configured shell profile, Flutter cache setup, possible administrator prompts for Xcode steps, and a sample project at ~/hello_flutter_cn; review the scripts first and back up your shell profile if you want easy rollback.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
These instructions append environment variables to ~/.zshrc and tell the user to source the profile, creating persistent system changes without an explicit warning or confirmation step. In a trusted setup context this is common, but in an agent skill it is still risky because it permanently changes the user's shell behavior and network endpoints for package retrieval.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill instructs use of sudo for Xcode toolchain initialization without clearly warning that elevated privileges will make system-wide developer configuration changes. Even though these commands are normal for Xcode setup, agent-driven execution of privileged commands is sensitive and should be explicitly disclosed and gated.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The examples instruct users to run local bootstrap and validation shell scripts that can modify the system, install software, and change environment configuration, but they provide no warning about side effects, no prompt to inspect the scripts first, and no explanation of what will be changed. In a skill that targets fresh machine setup, users are especially likely to copy-paste commands verbatim, which increases the risk of unsafe or unexpected system changes if the scripts are altered, incomplete, or overly broad.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
Appending a PATH modification directly into ~/.zshrc creates a persistent change to command resolution for all future shells, but the document does not clearly warn about that impact or advise users to verify the install path first. If copied blindly, users may shadow other binaries, introduce path confusion, or make later troubleshooting harder, especially on shared or already customized systems.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The Xcode commands use sudo and perform system-level developer-tool selection and initialization, which can affect the whole machine and other development workflows. In a troubleshooting document, these steps are legitimate, but without an explicit warning and preconditions, users may run privileged commands unnecessarily or against the wrong Xcode installation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal