code-debug-companion

Security checks across malware telemetry and agentic risk

Overview

This debugging skill is useful and mostly purpose-aligned, but it can modify project files and use external search with broad triggers and limited consent/privacy controls.

Install only if you are comfortable with a debugging assistant that may search externally and propose or make project changes. Use it in a version-controlled workspace, review diffs before accepting edits, avoid sending proprietary stack traces or secrets to search, and require confirmation before file writes or GitHub issue creation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence: 89%
Finding
The README explicitly describes automatic code writes and test-file creation, but does not mention any confirmation step, dry-run mode, scope limits, or warning that project files will be modified. In a debugging skill, this can lead users to trigger unintended source changes or test generation in the wrong repository context, causing integrity and workflow risks even if the goal is helpful automation.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README says the skill uses external search services to look up StackOverflow/GitHub/documentation results, but does not warn that debugging context may contain proprietary code, stack traces, file paths, secrets, or internal identifiers. In a code-debugging workflow, this makes accidental data exfiltration more likely because users are encouraged to submit rich error context for troubleshooting.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger list is broad enough that ordinary debugging-related user messages could activate the skill unintentionally, causing the agent to begin a workflow that includes code analysis, web search, test generation, and file modifications. In this skill's context, unintended activation is more concerning because the documented workflow chains into potentially state-changing actions rather than just providing passive advice.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill describes a workflow that can write repaired code, generate unit tests, and create GitHub issues, but it does not clearly warn the user about these side effects or when they will occur. This creates a consent and transparency problem: users may invoke what appears to be analysis-only assistance and unexpectedly trigger modifications to local files or external artifacts.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger list contains very broad terms such as “debug”, “修复”, and “报错”, which are likely to match ordinary developer conversations and invoke the skill in contexts where users did not intend extensive code-analysis behavior. In this skill, broad activation increases the chance of unintentionally ingesting sensitive source code, logs, or stack traces and then continuing into later steps such as external search.

Missing User Warnings

Medium
Confidence: 97%
Finding
The workflow explicitly performs external searches against third-party sources using extracted error keywords, but it does not warn users that stack traces, file paths, code fragments, or other debugging details may be transmitted outside the local environment. In a debugging skill, this is especially dangerous because error reports commonly contain secrets, internal repository names, hostnames, credentials, and proprietary code context.

VirusTotal

VirusTotal findings are pending for this skill version.
