ClawHub

Kubernetes

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Kubernetes manifest helper; its main risk is that users could copy examples that expose services publicly without enough review.

Before installing, verify that you trust the package or repository source. Before applying generated YAML, replace placeholders, keep real secrets out of Git, and review every LoadBalancer or Ingress so only intended services are exposed publicly, with source restrictions, TLS, authentication, and network policies where appropriate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The template includes a ready-to-use internet-facing LoadBalancer Service using AWS NLB annotations, which can directly expose workloads to the public Internet if copied without careful review. In a manifest-generation skill, this is risky because users may treat templates as production-safe defaults and deploy external exposure without adding IP restrictions, authentication, or explicit justification.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The service template explicitly sets the AWS load balancer scheme to "internet-facing" but does not include an in-band warning that this makes the service publicly reachable. Because this skill is intended to generate Kubernetes manifests with production-grade guidance, omission of a clear warning increases the chance of accidental unsafe deployment by users who may not understand the exposure implications.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The example labeled as a public API configures a LoadBalancer with `loadBalancerSourceRanges: 0.0.0.0/0`, which explicitly permits traffic from any IPv4 address on the internet. In a manifest-generation reference intended for production use, presenting this pattern without a clear warning or safer default can normalize broad exposure and lead users to deploy internet-reachable services unintentionally.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The example for a public API uses a LoadBalancer with `loadBalancerSourceRanges: 0.0.0.0/0`, which explicitly permits traffic from any source on the internet. In a reference document for production-grade Kubernetes manifests, presenting this pattern without a clear warning or stronger secure default can lead users to copy an internet-exposed configuration into real deployments, increasing attack surface and making accidental overexposure more likely.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal