ai-fullstack-project-scaffold

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed project-scaffolding skill that generates code, Makefiles, and Docker files, with no evidence of hidden execution, exfiltration, or persistence.

Install only if you want an agent to generate project files for you. Run it in a new or dedicated directory when possible, review generated Makefile and Docker files before running them, and be careful using the existing-project mode because it may add files to the current repository.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The README describes one-click generation of a complete project scaffold, including Makefile, Dockerfile, compose files, and source tree, but does not clearly warn that these artifacts will be created in or affect the user's current working directory. In a scaffolding skill, this omission is security-relevant because users may invoke it from a populated repository and unintentionally overwrite, modify, or clutter existing workspace contents.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The trigger list includes very broad phrases such as '创建项目' and '初始化项目', which can cause the skill to be invoked in ordinary conversations that merely mention starting a project. Because this skill can generate files, scaffolding, and Docker/build artifacts, accidental activation could lead to unintended workspace changes or downstream execution of generated content.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The documentation states that when run inside an existing project directory, the skill will automatically generate missing files, but it does not prominently warn that this modifies the current workspace. In a codebase context, silent or poorly signposted file creation can overwrite assumptions, introduce unsafe build/deploy files, or alter repositories in ways the user did not clearly authorize.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding
The trigger list includes generic phrases like '创建项目', '初始化项目', '代码生成', and '新项目' that are common in ordinary development conversations. This creates a real risk of unintended skill activation, which could cause the agent to invoke multiple downstream code-generation and deployment-related skills without clear user intent. Because this workflow can generate project scaffolding, build files, and Docker configs, accidental activation has broader operational impact than a read-only skill.

VirusTotal

64/64 vendors flagged this skill as clean.