ClawHub发布工具

Security checks across malware telemetry and agentic risk

Overview

This publishing helper appears purpose-aligned, but it exposes a built-in publishing credential and under-explains what local files are uploaded.

Treat this as a Review install. Only use it on a directory you have inspected for secrets or proprietary content, and do not use the bundled publishing credential. The publisher should remove and rotate the exposed token, require user-owned authentication, and document exactly what files are uploaded.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The documentation instructs users to publish a local skill to a remote service but does not disclose that local skill files, metadata, and possibly embedded secrets or proprietary content may be transmitted off-host. This creates a real security and privacy risk because users may unknowingly upload sensitive source code or configuration data from the specified skill directory.

Missing User Warnings

High

Confidence: 99% confidence
Finding: A hardcoded bearer token is embedded directly in the script and used to authenticate publishing requests to an external service. Anyone who obtains the file can reuse the credential to publish, modify, or abuse the associated account or API access, making this a clear secret-exposure vulnerability.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal