PARA

Security checks across malware telemetry and agentic risk

Overview

This is a simple file-organization instruction skill that can move workspace files, but the behavior is disclosed, purpose-aligned, and not hidden or persistent.

Install this only if you want an agent to organize files under /root/clawd into PARA folders. Ask for a preview before large moves, because relocated files can break paths even though the skill does not appear malicious.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The skill is described as a general workspace organization mechanism without clear activation boundaries, so an agent could apply it to unrelated tasks and reorganize files unexpectedly. Because it targets broad file operations in `/root/clawd/`, ambiguous scope increases the chance of unintended movement of important user data.

Missing User Warnings

High

Confidence: 96% confidence
Finding: The skill explicitly mandates automatic file moves for all file operations and instructs use of `mv` without requiring user notice, consent, preview, or rollback. This can silently relocate files, break workflows and references, and effectively modify the user's environment in ways that are hard to detect or recover from.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal