find skill 4

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly coherent, but it can steer broad user requests into installing third-party skills globally with confirmation skipped.

Review carefully before installing. Use this only when you explicitly want skill discovery or installation, inspect each recommended skill's source, and avoid global non-interactive installs unless you trust the package and understand it will persistently change your agent environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 83%
Finding
The description says the skill should be used whenever users ask broad questions like 'how do I do X' or express interest in extending capabilities. These triggers are common in normal conversation and can cause unintended invocation, which increases the chance the agent steers users toward package discovery or installation when they did not explicitly ask for that. In a skill that can lead to installing third-party packages, overbroad activation is materially risky.

Vague Triggers

Medium
Confidence: 91%
Finding
The 'When to Use This Skill' section includes vague triggers such as 'can you do X', 'how do I do X', and general expressions of interest in extending capabilities. Because these are ambiguous everyday-language prompts, the skill may activate in many benign support conversations and pivot toward searching for external skills, creating unnecessary exposure to package recommendation or installation workflows.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill tells the agent it can install a skill using 'npx skills add <owner/repo@skill> -g -y', where '-g' performs a global install and '-y' suppresses confirmation. Providing non-interactive global installation guidance without a prominent warning or explicit per-action user consent increases the risk of silently adding untrusted third-party code to the user's environment, especially since the skill's purpose is to discover packages from external sources.

VirusTotal

64/64 vendors flagged this skill as clean.
