Back to skill

Security audit

Antd

Security checks across malware telemetry and agentic risk

Overview

This skill is a documentation-only Ant Design helper for React UI generation, with no evidence of hidden execution, data access, or malicious behavior.

Install this if you want your agent to generate React UI using Ant Design. Be aware that, when enabled, it may bias relevant UI requests toward Ant Design, and because the package declares autoUpdate, review future updates if your environment applies them automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The example trigger phrases are very broad and closely resemble ordinary user requests for UI work, which increases the chance that the skill is invoked unintentionally in unrelated React tasks. This can cause unexpected tool/skill routing, reduce user control, and make prompt behavior less predictable, especially in environments with automatic skill matching.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The document states that OpenClaw will automatically scan the skills directory and that the antd skill is 'ready' without explaining the conditions, permissions, or safeguards governing activation. Broad auto-scan/auto-availability claims can cause unintended skill discovery or invocation and may normalize unsafe assumptions about when unreviewed content becomes active.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The example suggests that a simple natural-language request like '用 Ant Design 创建一个登录表单' will cause the AI to automatically use the skill, but it does not define invocation constraints, precedence rules, or user confirmation. This can encourage ambiguous triggering behavior, where a skill is invoked unexpectedly or without the user's informed intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.