ai-code-migration-risk-assessor

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed code-change risk assessment workflow that reads repository change data and passes it to analysis skills, with no hidden executable code or persistence found.

Before installing, confirm you are comfortable letting the workflow and its dependent GitHub, code-review, and DevOps skills inspect repository diffs, commit history, code search results, and possibly audit-style operational data. Use least-privilege tokens, avoid exposing secrets in diffs, and run it only on repositories and logs the reviewing agent is allowed to see.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README instructs the workflow to fetch GitHub PR and repository data and pass diffs, commit history, and code content across multiple skills/services, but it provides no disclosure, minimization guidance, or warning about potential transmission of sensitive source code and metadata to external components. In a code-analysis skill, this is materially risky because private code, secrets in diffs, internal repository structure, and commit metadata may be exposed beyond the user's expectations or organizational policy boundaries.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger phrases are broad and generic to code change and refactoring topics, with no repository, role, or task-scoping constraints. In an agent ecosystem this can cause unintended activation on loosely related prompts, which may lead to unnecessary access to GitHub, code review, and dependency-analysis capabilities and increase the chance of over-collection or misuse of sensitive repository context.

VirusTotal

64/64 vendors flagged this skill as clean.
