Skills
skills/hkuds/deeptutor/clawhub/Gen Agent Trust Hub

clawhub

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Invokes shell commands via npx to interact with the ClawHub registry for searching and installing skills.
  • [EXTERNAL_DOWNLOADS]: Fetches the clawhub management package from the npm registry.
  • [REMOTE_CODE_EXECUTION]: Executes the downloaded clawhub package at runtime to perform its core functions.
  • [PROMPT_INJECTION]: The skill uses potentially untrusted data (skill slugs) from a remote registry as arguments in shell commands.
  • Ingestion points: Skill slugs are retrieved from the ClawHub search results and used as arguments in the install command.
  • Boundary markers: Slugs are not enclosed in quotes or other delimiters in the install command syntax.
  • Capability inventory: The skill can execute code via npx and write files to ~/.nanobot/workspace/skills/.
  • Sanitization: No input validation or sanitization is performed on the skill identifiers before they are passed to the shell.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 08:26 AM