ClawHub

Android Static Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it analyzes an Android project to create testing guidance, but users should treat source code and extracted test data as sensitive.

Install only if you are comfortable analyzing the target Android project with your configured LLM/test workflow. Run it on intended project directories, review generated files before committing or uploading them, and redact real secrets or production credentials from source before use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill is presented as a local Android source analyzer, but the workflow also accepts APKs and GitHub links, expanding trust boundaries and input sources. That broadening can lead to unintended retrieval of remote content, analysis of untrusted artifacts, and behavior the user did not expect from the declared purpose.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs writing static-profile.json into the project root without a clear up-front warning that it will modify the user's directory. Unexpected writes can overwrite files, pollute repositories, or create artifacts that get committed or consumed by other tooling.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script deliberately packages raw application source into an LLM prompt and explicitly asks the model to extract hardcoded accounts, passwords, coupon codes, and other test data. Because it then prints that prompt for downstream agent use without consent gates, redaction, or sensitivity warnings, it can exfiltrate proprietary code and embedded secrets to external model providers or logging systems.

VirusTotal

48/48 vendors flagged this skill as clean.

View on VirusTotal