proactive-agent

clawhub:proactive-agent

View source

85/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

85/100

HIGH 1

LOW 1

Findings (2)

HIGH

Autonomous agent spawning PROMPT_INJECTION_017

prompt-injection L18

Detects autonomous sub-agent or cron-based execution without human oversight

isolated agentTurn + Autonomous

FIX

Remove directives that force the agent to call specific tools or APIs not required for the skill's stated functionality. Tool calls should be determined by user intent, not embedded directives.

FP?

Likely FP if the skill legitimately needs to call other tools as part of its workflow (e.g., a deployment skill that calls git and cloud CLI tools).

LOW

Shell script file execution CMDEXEC_013

command-execution L90

Detects execution of shell script files via bash/sh command or direct invocation

./scripts/security-audit.sh

FIX

Replace direct shell script execution with a language-native implementation or a sandboxed executor. If shell scripts must run, restrict them to a vetted allowlist with integrity checks.

FP?

Likely FP if the match references running a script that is part of the skill's own repository (e.g., ./setup.sh) with clear, auditable contents.