Zip

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local ZIP utility, but users should be careful because extraction can overwrite files and encrypted ZIP passwords are passed on the command line.

Install only if you are comfortable letting it create, update, and extract local ZIP files. Extract untrusted archives into a new empty folder, avoid extracting into important directories, and do not use sensitive reusable passwords with the password command because command-line passwords can appear in logs, shell history, or process metadata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill exposes extraction and archive modification operations without any warning that these actions write files to disk and may overwrite or place files in user-specified locations. In an agent context, missing safety guidance can lead to unintended filesystem changes or unsafe extraction of untrusted archives.

Missing User Warnings

Medium
Confidence: 96%
Finding
The password command takes the archive password directly on the command line, which can expose secrets through shell history, process listings, logs, or agent telemetry. In automation environments, this can leak backup or archive passwords to other users or systems with access to those channels.

Missing User Warnings

Medium
Confidence: 96%
Finding
The extract command uses `unzip -o`, which forces overwriting existing files in the destination directory without prompting the user. In a batch-oriented archive tool, this can destroy or replace local files unexpectedly, especially when extracting untrusted archives or when the output directory is broad, such as `.`.

Missing User Warnings

Medium
Confidence: 99%
Finding
The password is supplied as a positional command-line argument and then passed to `zip -P`, which exposes the secret through shell history, process listings, audit logs, and possibly orchestrator telemetry. This undermines the confidentiality of the encrypted archive because other local users or monitoring systems may recover the password.

VirusTotal

66/66 vendors flagged this skill as clean.
