Security audit

AWS Health

Security checks across malware telemetry and agentic risk

Overview

This AWS health skill is purpose-aligned and disclosed, but users should treat the required AWS credentials carefully and prefer tightly scoped read-only access.

Install only if you intend to let the agent query AWS health data. Use temporary credentials or a least-privilege IAM policy limited to the needed EC2, ECS, and CloudWatch read actions, avoid broad account-wide ReadOnlyAccess where possible, and do not paste or expose AWS secrets in chat or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding:
The trigger examples include very broad phrases like "Show me AWS status" and especially "Check my infra," which can overlap with many general infrastructure or monitoring requests. This increases the chance the agent invokes the skill in unintended contexts, causing unnecessary access to AWS account metadata and health information beyond what the user specifically asked for.

Missing User Warnings

Medium
Confidence: 93%
Finding:
The skill documentation requires AWS access key material and describes using those credentials, but it does not include an explicit warning about sensitive secret handling, account scope, or minimizing privileges. In practice, this can normalize unsafe credential use, increase the chance of exposing secrets in logs or configuration, and encourage broader account access than necessary.

VirusTotal

64/64 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.