ClawHub

Awesome Cheatsheets

Security checks across malware telemetry and agentic risk

Overview

The skill does not look malicious, but it claims to be a cheatsheet tool while including an unrelated local data/logging utility that stores user input.

Install only if you are comfortable with a low-functionality cheatsheet package that may create local files and retain anything entered into its generic utility commands. Avoid entering secrets or private data, and review or control AWESOME_CHEATSHEETS_DIR if you test it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Tp4

High
Category
MCP Tool Poisoning
Confidence
83% confidence
Finding
The skill is presented as a cheatsheet viewer, but the documented behavior suggests broader local data handling and generic command functionality, including creating a data directory and maintaining logs/history. This mismatch can mislead users and downstream agents about the scope of actions the skill may perform, increasing the chance of unintended local data access or persistence.

Description-Behavior Mismatch

High
Confidence
92% confidence
Finding
The implementation materially diverges from the declared skill purpose: instead of serving cheatsheet content, it provides a generic local data collection and logging utility. This kind of capability mismatch is dangerous because users and hosting platforms may grant trust based on the manifest, while the script performs unrelated persistent data handling that broadens privacy and abuse risk.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The inline help text describes a "Multi-purpose utility tool," directly contradicting the skill's stated cheatsheet purpose. While not an exploit primitive by itself, this inconsistency is a security-relevant deception signal because it obscures actual behavior and makes it harder for users to make informed trust decisions.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The script stores arbitrary user-provided data in a persistent local database and can later export it, functionality that is unrelated to a cheatsheet skill. In this context, the extra persistence and export surface increases the chance of collecting, retaining, or exposing sensitive user input without a justified business need.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The command set is overly generic: help, run, info, and status provide little indication of allowed operations or safety boundaries. In an agent context, underspecified triggers make it easier for the skill to be invoked in unintended ways and harder to constrain what 'run' actually does.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The logging helper persists command arguments to a history file for many commands without clear disclosure or consent. Command arguments often contain search terms, file paths, tokens, or other sensitive data, so silent retention creates a privacy and data exposure risk if local files are later accessed by other processes or users.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The add command writes arbitrary user input directly into a persistent file without warning that the content will be retained. In a skill presented as cheatsheets, users would not reasonably expect their entered text to be stored indefinitely, which creates avoidable privacy and accidental secret-retention risk.

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
## Usage

Run any command: `awesome-cheatsheets <command> [args]`
---
๐Ÿ’ฌ Feedback & Feature Requests: https://bytesagain.com/feedback
Powered by BytesAgain | bytesagain.com
Confidence
90% confidence
Finding
Run any command

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal