clawhub
Warn
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute global NPM installation commands (npm i -g clawhub) and various CLI operations.
- [EXTERNAL_DOWNLOADS]: Facilitates fetching agent skills and versioned packages from an external registry at clawhub.com.
- [REMOTE_CODE_EXECUTION]: The core functionality involves downloading and installing external executable logic (skills) from a remote repository into the local workspace environment.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection via data retrieved from the remote registry. 1. Ingestion points: Data from clawhub search, clawhub install, and clawhub update command outputs. 2. Boundary markers: Absent. 3. Capability inventory: Shell command execution and file system access provided by the CLI and NPM. 4. Sanitization: Not explicitly defined in the skill instructions.
Audit Metadata