clauwdit
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only skill for using a hosted SKILL.md security scanner, with the main caution that submitted skill text goes to an external service.
Use this for public or non-sensitive skill audits. Avoid submitting private SKILL.md files, internal URLs, credentials, or proprietary prompts unless you trust the hosted service and its data handling. Treat its score as one review input, not a final security decision.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.