project-explorer-skill

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended to explore or set up GitHub projects, but it gives broad activation guidance and directs cloning, dependency installation, and running projects without clear safety gates.

Install only if you want an agent to help set up and run external GitHub projects. Treat any target repository as untrusted: ask the agent to inspect files first, avoid automatic dependency installs, run only in a disposable sandbox or container without secrets, and require explicit confirmation before executing project scripts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger list is broad enough to match many ordinary requests about understanding a project or topic, which can cause the skill to activate unexpectedly. Because the skill then proceeds toward cloning, installing, and running software, accidental invocation materially increases the chance of unsafe actions being proposed or taken in the wrong context.

Missing User Warnings

High
Confidence: 98%
Finding
The skill explicitly directs cloning, installing dependencies, and running unfamiliar GitHub projects, but provides no safety constraints around untrusted code execution, package-install side effects, secrets exposure, or system modification. In this context, that omission is dangerous because repository setup steps frequently execute maintainer-controlled scripts and binaries, creating a direct path to compromise if a malicious or trojanized project is explored.

VirusTotal

66/66 vendors flagged this skill as clean.
