Task Auditor

Security checks across malware telemetry and agentic risk

Overview

This task-auditing skill is not clearly malicious, but it needs review because its Bash script writes persistent OpenClaw files and uses an unvalidated task ID in file paths.

Install only after reviewing the local file-writing behavior. Use tightly controlled task IDs made from letters, numbers, dashes, or underscores, and consider fixing task ID validation, narrowing the trigger phrases, requiring opt-in for report/alert creation, and aligning the alert threshold with the documented pass criteria before autonomous use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Low
Confidence: 90%
Finding
The skill explicitly instructs the agent to create audit reports and alert files under project directories, but does not mention obtaining user consent or warning that local files will be modified. In an agent setting, undocumented file writes can cause unexpected workspace changes, clutter repositories, and overwrite or create files the user did not intend.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrase "quality check" is broad enough to match many unrelated user requests, which can cause this skill to activate outside its intended task-auditing context. Over-broad activation increases the chance of unintended routing, misuse of the skill's auditing behavior, and interference with normal assistant responses.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase "audit task" is ambiguous because it does not specify whether it refers to security auditing, project review, compliance checks, or this skill's specific anti-shortcut acceptance workflow. This ambiguity can lead to accidental invocation in unrelated conversations, causing incorrect tool selection and potentially exposing internal audit behaviors where they are not appropriate.

VirusTotal

63/63 vendors flagged this skill as clean.
