ClawHub

PRECC

Security checks across malware telemetry and agentic risk

Overview

PRECC is a coherent cost-saving hook, but it installs remote code and automatically changes commands, searches, and context files with limited scoping details.

Review the GitHub installer and source before installing, prefer a pinned release or checksum, and enable PRECC only in workspaces where automatic command rewriting and search redirection are acceptable. Start with dry-run modes for context compression, avoid ingesting all session history if it may contain secrets, and confirm how to disable the hook and delete learned data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The installation instructions tell users to pipe a remotely fetched script directly into bash, which executes network-delivered code without review, integrity verification, or pinning to a trusted version. If the GitHub account, repository, branch, or transport path is compromised, users could immediately run attacker-controlled code on their systems.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill states it works automatically as a PreToolUse hook, but the surrounding description emphasizes automation and savings without clearly warning that it can rewrite commands, alter execution context, and modify context files. In a hook context, undisclosed command rewriting increases the chance that users will authorize behavior they do not fully understand, which can lead to unintended command execution or file modification.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal