CHIS/CHISF

Security checks across malware telemetry and agentic risk

Overview

This skill is a Review item because it helps install and force-overwrite other OpenClaw skills, including flagged packages, and points to an unverified local fallback installer.

Install only if you intentionally want a shortcut that can add or overwrite OpenClaw skills. Before using chisf, --force, or the fallback installer, inspect the target skill, verify the workspace path, and do not force-install flagged packages unless you have manually reviewed the contents and trust the source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (88% confidence)
Finding
The skill explicitly advises using `--force` when a package is flagged as suspicious, which normalizes bypassing safety signals without requiring an explicit warning, approval gate, or verification process. In an installation workflow, this can lead users or agents to install untrusted packages or overwrite existing ones despite indicators of risk, increasing the chance of malicious skill deployment or accidental replacement of trusted content.

Missing User Warnings

Medium (91% confidence)
Finding
The local fallback installer path introduces an alternate executable outside the primary documented workflow and presents optional `--force` usage without any integrity, provenance, or trust warning. Because local helper binaries can be modified, replaced, or environment-specific, encouraging their use as a fallback materially increases supply-chain and execution risk, especially when combined with forced-installation semantics.

VirusTotal

64/64 vendors flagged this skill as clean.