ClawHub
Back to skill

Security audit

Cognitive Debt Guard

Security checks across malware telemetry and agentic risk

Overview

This skill is a markdown-only code review checklist for AI-generated code and does not contain executable behavior or hidden access requests.

This is low technical risk as installed, but users should verify the platform does not grant crypto or purchase permissions based on the mismatched metadata tags, since the skill does not need them. Avoid placing secrets in MEMORY.md.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal