Release Skills

Security checks across malware telemetry and agentic risk

Overview

This release-automation skill can change repository files and guide Git release steps, but those actions are disclosed, purpose-aligned, and gated by dry-run or user confirmation guidance.

Install only for repositories where you intend to run release automation. Use dry-run first, review version and changelog edits, and approve any commit, tag, or push only after confirming the branch, remote, and account are correct; consider installing from a pinned commit or trusted package source.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 94%
Finding
The skill describes and instructs use of shell commands, file reads/writes, and likely environment access, yet it declares no permissions. This creates a transparency and governance gap: users and enforcement systems cannot accurately assess or constrain what the skill may do before it stages files, edits version metadata, creates tags, or pushes to a remote.

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger list includes generic terms like "push" and "update version" that can match common developer requests outside an explicit release workflow. In a skill that performs repository-modifying actions such as version bumps, changelog edits, tagging, and release creation, overly broad activation increases the chance of accidental invocation and unintended changes.

Missing User Warnings

Medium
Confidence: 97%
Finding
The README advertises actions that modify repository state—version bumping, changelog updates, tagging, and release creation—without prominently warning that these operations change files and git history. That omission can cause users or downstream agents to invoke the skill without understanding the consequences, leading to unintended commits, tags, or releases.

Vague Triggers

Medium
Confidence: 87%
Finding
Broad trigger keywords like "release" and especially "push" can activate the skill in contexts unrelated to a release workflow. Because the skill includes repository-mutating actions such as staging, committing, tagging, and pushing, accidental invocation could lead to unintended source-control operations or unsafe prompting toward those actions.

VirusTotal

64/64 vendors flagged this skill as clean.