Lunardate
Security checks across malware telemetry and agentic risk
Overview
The artifacts appear to be a coherent ClawHub registry and CLI codebase with disclosed local install, publishing, and moderation workflows.
Install or run this only if you intend to use ClawHub registry tooling. Review commands that publish, delete, moderate, update, or force-overwrite skills before running them, and keep registry/API tokens scoped and protected.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.