Shiyi Proactive Agent

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended for task/context automation, but it describes background monitoring and file persistence without enough user-facing scope or control.

Install only if you are comfortable with a skill that may monitor agent context over time and save task/context data locally. Before enabling daemon or auto-save features, confirm where files are written, what data is observed, how to stop monitoring, and whether sensitive workspace or private information could be captured.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill advertises executable Python components that analyze context, propose tasks, monitor continuously, and auto-save to files, yet the manifest declares no permissions or safety boundaries. This creates a transparency and consent problem: users and hosting agents cannot reliably assess that the skill reads local context and writes local data before enabling it.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation says the task initiator will 'Auto-save to file' but does not warn the user that local files may be created or modified. Silent persistence can overwrite user data, leave unexpected artifacts, or store sensitive task/context information without informed consent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill describes 'Continuous monitoring' and 'Daemon mode for background operation' without warning users about ongoing observation or background execution. Background monitoring increases privacy and resource risk because it may continuously inspect context or user activity beyond a single interactive invocation.

VirusTotal

66/66 vendors flagged this skill as clean.
