xinywa Coding Helper

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only coding workflow skill with disclosed local indexing and logs that fit its complex code-change purpose.

Install only where the agent is allowed to read and modify the target repository, run tests, and keep local progress files. For private or sensitive code, make sure /home/vibe/aksclaw-data is not shared unexpectedly and clean retained indexes or failure logs when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (85% confidence)
Finding
The trigger condition "Triggered when BLOCKED" is underspecified, leaving too much discretion about when recovery logic activates. In an agent system, ambiguous activation can cause premature or inappropriate recovery behavior, such as abandoning normal safeguards, reading additional files unnecessarily, or changing approach in ways that bypass expected control flow.

Missing User Warnings

Medium (90% confidence)
Finding
The skill explicitly instructs writing to fixed filesystem locations for repository indexes and run artifacts under /home/vibe/aksclaw-data, but it does not disclose or constrain those side effects. In an agent setting, undocumented writes can create privacy, integrity, and persistence risks, especially if repository contents, secrets, or execution metadata are copied into shared local storage.

Vague Triggers

Medium (82% confidence)
Finding
The skill defines broad monitoring and blocking behavior ('after each step' and 'STOP execution on BLOCKED') without clearly scoping when it should activate, what workflows it governs, or how conflicts with higher-priority instructions are resolved. In an agent setting, ambiguous trigger scope can cause the watcher to inappropriately interrupt unrelated tasks, create denial-of-service behavior, or let an attacker repurpose the watcher text as a general control layer over execution.

VirusTotal

65/65 vendors flagged this skill as clean.
