ClawdCursor

Security checks across malware telemetry and agentic risk

Overview

ClawdCursor is a disclosed desktop-control tool, but it grants very broad control over local apps and starts from an unpinned external install with consent pre-accepted.

Install only if you intentionally want an AI agent to control your desktop. Pin and review the package before installing, do not let an agent casually accept consent or start the server, keep the bearer token private, stop the server when done, and require explicit approval for sends, deletes, purchases, transfers, password-manager use, public posts, and account changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill is explicitly designed as a general-purpose OS-level desktop automation interface for 'any application,' which makes it broadly invocable across many unrelated contexts. That broad applicability is dangerous because it can be leveraged to drive sensitive GUI actions outside the user's original intent, especially since the skill includes typing, clicking, window focus, browser control, and agent delegation capabilities.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal