ClawHub

Find Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it needs Review because it can steer ordinary requests toward globally installing third-party skills while skipping installer confirmations.

Install only if you specifically want a helper for finding external skills. Before allowing it to install anything, verify the exact source and publisher, inspect the skill or repository, and prefer removing `-y` so the installer can show its own confirmation prompt.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The top-level description defines activation in very broad terms such as when users ask 'how do I do X' or 'can you do X', which overlaps heavily with ordinary assistance requests. In an agent system, this can cause the skill to activate unnecessarily and steer the agent toward discovering or installing third-party skills instead of answering directly, increasing the chance of unnecessary package discovery or installation workflows.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The 'When to Use This Skill' section contains multiple ambiguous triggers like common task questions, specialized capability requests, and general interest in extending capabilities, but provides no clear 'do not use' boundaries. That ambiguity can lead to over-invocation and unnecessary exposure to external package search and install paths, which is risky in a skill ecosystem that may include untrusted third-party content.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to offer installation using 'npx skills add <owner/repo@skill> -g -y', where '-g' performs a global install and '-y' suppresses confirmation prompts, yet it does not warn the user about the system-wide effect or the trust implications of installing third-party code. This lowers friction for risky actions and can lead to silent installation of unreviewed packages with broader persistence than the user may expect.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal