Alon Search Skill Plus

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for finding other agent skills, with clear source limits and safety checks.

This skill is reasonable to install if you want a guided search process for agent skills. Treat its recommendations as leads, especially from ClawHub, aggregators, or GitHub repos, and review any suggested third-party skill or npx/npm install before running it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Low

Confidence: 79% confidence
Finding: This markdown file is written entirely in Chinese and presents the skill behavior and examples in that language, with no in-file statement that users may choose another language or locale. Under the stated policy, forcing a specific language without user opt-in can be a natural-language policy issue, even though there is an English link at L01 rather than an explicit language-choice instruction.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal