ClawHub
Back to skill

Security audit

Uos Packager

Security checks across malware telemetry and agentic risk

Overview

This is a coherent UOS/deepin Debian packaging helper, but packages it creates can include install hooks that should be reviewed before installation.

Before using generated packages, inspect DEBIAN/preinst, postinst, prerm, and postrm, and include udev rules only when the application truly needs hardware integration. Build from trusted application sources and test the .deb in a disposable environment before installing it on a main system.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The document explicitly instructs package maintainer scripts to write files into privileged system locations such as /lib/udev/rules.d and even states that some environments may allow direct writes without sudo. That grants installation-time system modification capability unrelated to a generic packaging guide unless narrowly justified for specific hardware integration, and it increases the risk of persistent host changes from package install/uninstall actions.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The guide tells users to implement preinst/postinst/postrm logic that writes and removes udev rules during package lifecycle events. Lifecycle hooks run automatically at install or uninstall time, so embedding privileged host modifications here creates a persistence and system-reconfiguration mechanism that can be abused by a malicious or compromised package.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The markdown instructs system-impacting changes to udev configuration during install without an explicit warning that these changes affect device handling, persist on the host, and may require elevated privileges. Even if intended as packaging advice, omission of strong warnings and constraints makes unsafe replication more likely.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal