Command Creator

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed command-file generator; its main risk is that the generated commands can later automate powerful actions.

Install only if you want help creating persistent slash commands. Prefer project-local commands unless you intentionally need global behavior, inspect generated markdown before invoking it, and be especially careful with commands that run shell tools, stage or commit code, publish PRs, or invoke subagents. Verify the remote install source before using the README's npx command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence: 86%
Finding
The best-practices file recommends `git add .` and `git commit` as a generic workflow without requiring explicit user confirmation or warning that repository state will be modified. In a skill designed to help create reusable agent commands, this can normalize autonomous state-changing actions and lead downstream commands to stage unintended files or create unwanted commits.

Missing User Warnings

Medium
Confidence: 91%
Finding
The example instructs `gt submit --stack --publish --no-edit` without warning that it may push code and publish PRs externally. Because this document is guidance for creating reusable autonomous commands, omitting that warning can cause agents or users to publish proprietary or unreviewed code to remote services unexpectedly.

Missing User Warnings

Medium
Confidence: 90%
Finding
This example normalizes a workflow that performs `git add .`, creates a commit, and publishes pull requests with `gt submit --stack --publish --no-edit` without an explicit warning or confirmation gate before making local and remote state changes. In a command-creation reference file, this is especially risky because downstream authors may copy the pattern verbatim, leading to commands that modify repositories and publish to remotes more easily than users expect.

Missing User Warnings

Medium
Confidence: 89%
Finding
This documentation normalizes workflows that can create commits, submit PRs, write files, and run shell commands, but it does not consistently require explicit user confirmation or warn about repository and local-file side effects. In an agent skill, those omissions matter because downstream command authors may copy these patterns verbatim, producing automations that modify code or external state without sufficient guardrails.

Missing User Warnings

Medium
Confidence: 95%
Finding
The Makefile Integration section explicitly tells users to always use the Bash tool for commands like make, pytest, pyright, and gt without warning that local shell commands may execute arbitrary project-defined behavior. Because make targets and scripts are repository-controlled and can have side effects beyond validation, this pattern can lead to unintended code execution or environment changes when reused in generated commands.

VirusTotal

66/66 vendors flagged this skill as clean.
