clawhub
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill installs the 'clawhub' package globally via npm. This package is not from a trusted organization or repository defined in the security policy.
- REMOTE_CODE_EXECUTION (MEDIUM): The 'clawhub install' and 'clawhub update' commands are designed to download and install external code (agent skills) from 'https://clawhub.com'. This registry is an untrusted source, and the downloaded skills could contain malicious instructions or code.
- COMMAND_EXECUTION (LOW): The skill executes multiple shell commands to manage authentication, searching, and installation of external packages.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes data from an external registry (descriptions, changelogs, and skill metadata) that could contain malicious instructions designed to influence the agent's behavior. Evidence: 1. Ingestion points: 'clawhub search' and 'clawhub install' metadata. 2. Boundary markers: Absent. 3. Capability inventory: 'npm install' and 'clawhub' binary execution. 4. Sanitization: Absent.
Audit Metadata