ClawHub
Back to skill

Security audit

minium-test-fixer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Minium test repair workflow that may run local tests, activate WeChat Developer Tools, and edit project files after confirmation, but I found no hidden, destructive, persistent, or exfiltrating behavior.

Install only if you want an agent to help repair Minium test locator failures. Use it in the intended test repository, review the minitest and PowerShell commands before they run, keep WeChat Developer Tools focused as expected, and confirm proposed file edits before applying them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill directs the agent to manipulate the desktop by activating a specific application window and, in one variant, sending Alt+Tab keystrokes. That expands behavior from code/log analysis into host-level UI control, which can affect unrelated applications or windows if focus detection is wrong, creating unnecessary capability and execution risk.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger phrases are broad, everyday expressions such as asking for help with an error, which can cause the skill to activate outside its narrow intended context. Over-broad activation increases the chance the agent will begin running tests, reading files, or proposing code changes when the user did not intend to invoke this powerful repair workflow.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The quick-start section suggests the skill should automatically engage from generic requests like 'repair test case' or pasted error logs. This lowers the bar for activation and can lead to unintended execution of the full workflow, including local test runs and code modification guidance, from ambiguous or incomplete prompts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.