update-nanoclaw

Fail

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file diagnostics.md contains a hardcoded PostHog project API key used for capturing telemetry data.
  • [COMMAND_EXECUTION]: The skill uses various shell commands to perform repository operations (git), run build and test scripts (pnpm), and manage system services (launchctl).
  • [DATA_EXFILTRATION]: When the user opts in, the skill collects system metadata (version, OS, architecture) and transmits it to a third-party analytics service (PostHog).
  • [EXTERNAL_DOWNLOADS]: The skill fetches updates and configurations from the official project repository hosted on GitHub.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external content from the repository's CHANGELOG.md.
      • Ingestion points: The skill analyzes diffs of the CHANGELOG.md file after an update.
      • Boundary markers: No delimiters or explicit instructions are provided to the agent to ignore potentially malicious content within the changelog.
      • Capability inventory: The skill can invoke additional skills using the Skill tool based on the content of the parsed changelog entries.
      • Sanitization: There is no validation or sanitization performed on the skill names identified in the changelog before they are executed.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 4, 2026, 07:52 PM