ClawHub

Andon

Security checks across malware telemetry and agentic risk

Overview

This appears to be a local Andon/status tracker whose file writes, exports, and deletions fit its stated purpose, with some documentation gaps around storage and deletion.

Install this only if you want a local status-board tracker that creates and modifies files on your machine. Keep ANDON_DIR pointed at a dedicated private folder, confirm the entry number before using remove, and export only to directories where operational records can safely be stored.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The config command permits arbitrary key/value reads and writes to a local config file without any schema, allowlist, or purpose limitation. In an agent context, this creates an unnecessary local state-modification primitive that can be abused to persist attacker-controlled data, overwrite expected settings, or smuggle misleading configuration into future runs, which exceeds the stated Andon board purpose.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The documentation exposes a remove operation without warning that it deletes stored entries by number, which can lead to accidental loss of local operational records. In an industrial/status-board context, silent or poorly described deletion is more dangerous because users may rely on the stored history for production tracking or incident follow-up.

Missing User Warnings

Low
Confidence
76% confidence
Finding
The export command is documented without warning that it writes stored data to a file, which can unintentionally create copies of potentially sensitive operational records in less-protected locations. While the skill appears local-only, undocumented file creation/export increases the risk of accidental disclosure or mishandling of production data.

Missing User Warnings

Low
Confidence
80% confidence
Finding
Allowing ANDON_DIR to be changed without warning can cause users to unknowingly relocate reads/writes to a different on-disk data store, leading to confusion, data fragmentation, or accidental exposure in an insecure directory. In practice this is a safety/documentation weakness rather than an inherently malicious feature, but it can still affect integrity and confidentiality of local records.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The script writes to a persistent local file when setting configuration without warning, preview, or confirmation. In an interactive agent setting, silent local file modification increases the risk of unintended persistence and can surprise users who only expected a status-board query or display operation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal