ClawhHub Skill Publisher

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward ClawHub publishing helper with a broad activation trigger, but it requires user-directed details and confirmation before publishing.

Install this only if you want an agent to help publish skills to ClawHub. Before confirming a release, verify the selected folder, slug, version, changelog, tags, and the account used by your local clawhub CLI.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger logic is broad enough to activate on generic terms like "publish" or "发布" whenever the conversation merely appears related to skills, which can cause the agent to invoke a publish workflow without sufficiently explicit user intent. In a skill that performs an external release action, accidental activation increases the chance of unintended publication steps, confusion, or prompting the user toward a sensitive operation they did not clearly request.

Vague Triggers

Medium
Confidence: 95%
Finding
The eval includes the prompt "发布skill", which is broad enough to activate the publishing skill without a clearly specified target, version, or user confirmation. In a skill that performs a release/publish action, such ambiguous triggering increases the chance of unintended publication workflows being initiated in the wrong context.

VirusTotal

VirusTotal findings are pending for this skill version.
