TOSR Publish Then Update Test

Security checks across malware telemetry and agentic risk

Overview

This is a clearly disclosed ephemeral ClawHub lifecycle test skill, not a hidden or general-purpose destructive tool.

Install or run this only if you intend to exercise the real ClawHub API with a test skill. It can create, update, and delete a remote skill as part of cleanup, so use an appropriate test account or token and avoid treating it as a normal end-user skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding:
The skill explicitly states it performs live publish, update, and delete operations against the real API, but it does not present a clear safety warning, confirmation requirement, or scope limitation for modifying remote resources. In an agent setting, this can cause unintended changes to external systems if a user or operator does not realize the skill is destructive and non-read-only.

Autonomous Decision Making

Severity: Medium
Category: Excessive Agency
Content:
## Notes

This skill is ephemeral and will be automatically deleted after the test completes.
If you see this skill listed on clawhub, it means a test run failed to clean up properly.
Confidence: 78%
Finding:
automatically delete

Tool Parameter Abuse

Severity: High
Category: Tool Misuse
Content:
1. **Publish** — Creates a new skill via POST /api/v1/skills with multipart form data
2. **Inspect** — Retrieves skill metadata via GET /api/v1/skills/{slug}
3. **Update** — Publishes a new version of an existing skill
4. **Delete** — Removes the skill via DELETE /api/v1/skills/{slug}

## Notes
Confidence: 86%
Finding:
DELETE /api/v1/skills/{slug}

VirusTotal

64/64 vendors flagged this skill as clean.
