ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

agiza_agents

25 advanced engineering agent skills and plugins for Claude Code, Codex, Gemini CLI, Cursor, OpenClaw. Agent design, RAG, MCP servers, CI/CD, database design...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 34 · 0 current installs · 0 all-time installs
by@bizzy604
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (25 advanced engineering skills) aligns with the provided content: 25 subfolders, SKILL.md per sub-skill, and many Python utilities for static analysis, RAG, CI/CD, Terraform, etc. No required env vars or binaries are declared, which is consistent with an instruction-only skill that expects the agent environment to already have typical tooling. Minor concern: the registry metadata lists source as unknown and homepage none, while some embedded plugin.json files point to an external GitHub — lack of a clear authoritative source reduces trust.
!
Instruction Scope
The top-level SKILL.md and many sub-SKILLs instruct the agent to read project directories and run included Python scripts (e.g., python3 scripts/tf_security_scanner.py ./terraform). Those scripts perform filesystem reads and parse code (expected for these utilities). However, the SKILL.md contains detected prompt-injection patterns (e.g., 'ignore-previous-instructions', 'you-are-now') and also suggests running external installer commands (npx agent-skills-cli add ...), which causes the agent or user to fetch and execute remote code. Together these raise the risk that the skill could try to manipulate agent prompts or cause the agent to fetch/execute untrusted code. The filesystem and code-reading scope is legitimate for static-analysis tasks, but the prompt-injection phrases and remote install hints are red flags.
Install Mechanism
There is no formal install spec in the registry (instruction-only). That is lower risk in the sense nothing is automatically downloaded by the registry, but the SKILL.md encourages running an npx CLI to add a remote package (npx agent-skills-cli add alirezarezvani/claude-skills/engineering). Running that command will fetch code from npm/GitHub and execute an installer — this is an external network fetch not controlled by the registry. Many Python scripts are bundled and may be executed locally; executing them requires trusting their contents. Because the repository source is not verifiably provided in the skill metadata, these external fetches and local script executions are a meaningful install-time risk.
Credentials
The skill declares no required environment variables, secrets, or config paths. The bundled scripts are designed to scan files (including for hardcoded secrets) but do not themselves request credentials in metadata. This is proportionate to a code-auditing/engineering skills bundle. Note: some demo/sample files in the code include example hardcoded keys/passwords for testing — these are samples and not actual credential requests, but they should be treated carefully if executed or uploaded.
Persistence & Privilege
always is false and disable-model-invocation is not set to block autonomous invocation (the platform default). The skill does not request permission to alter other skills or system-wide agent settings. That is proportional. The only additional concern is that the skill suggests running an external npx add command which could alter the agent environment if the user runs it — this is an action the user controls, not an automatic persistence request from the registry.
Scan Findings in Context
[prompt-injection:ignore-previous-instructions] unexpected: The SKILL.md contains 'ignore-previous-instructions' style text. While SKILL.md necessarily contains instructions for the agent, language patterns that attempt to reset or override prior instructions are classic prompt-injection vectors and are not required to explain a skill's usage. Treat as suspicious and review/remove before allowing autonomous invocation.
[prompt-injection:you-are-now] unexpected: The SKILL.md contains 'you-are-now' style phrasing. This is another pattern commonly used to change agent role/instructions. It can be legitimate in authored agent prompts but increases the risk of unintentional instruction override; manually inspect the SKILL.md for any role-switching directives.
What to consider before installing
What to consider before installing: - Source trust: the registry shows 'source: unknown' and no homepage; prefer skills with a verifiable repository or author. The bundle’s plugin.json mentions a GitHub repo, but confirm that URL and the repository contents yourself. - Prompt-injection: the top-level SKILL.md contains phrases that look like prompt-injection (e.g., 'ignore-previous-instructions', 'you-are-now'). These can make an agent change behavior unexpectedly. Open and read the SKILL.md and remove or neutralize any such directives before granting automated invocation. - Remote fetches: the Quick Start suggests running an npx command which will fetch and execute remote installer code. Only run that if you trust the external package and have inspected it (or run in an isolated sandbox/container). - Local script execution: many bundled Python scripts read and analyze local repositories (Terraform, CI config, etc.). Review the specific scripts you intend to run; run them in a sandbox or with non-privileged user accounts first. Don't run them as root or with credentials mounted into the execution environment. - Sample secrets: demo files include example hardcoded keys/passwords for testing — treat them as test data and ensure they are not accidentally committed or used in production. - If you want lower risk: (1) manually extract only the sub-skill SKILL.md and code you need and inspect it, (2) run analyses on a copy of your codebase in an isolated environment, and (3) disable autonomous invocation for this skill until you have fully reviewed it. If you want, I can: (a) list the specific SKILL.md files that contain the suspicious prompt-injection phrases, (b) pull out and summarize the Python scripts that execute system I/O or network calls, or (c) produce a short checklist you can use to safely test this skill in a sandbox.
skill-security-auditor/scripts/skill_security_auditor.py:161
Shell command execution detected (child_process).
skill-security-auditor/scripts/skill_security_auditor.py:154
Dynamic code execution detected.
!
skill-security-auditor/references/threat-model.md:75
Prompt-injection style instruction pattern detected.
!
skill-security-auditor/SKILL.md:60
Prompt-injection style instruction pattern detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk974qkcnznm4ct1gqedd6m8gwd839j58

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Engineering Advanced Skills (POWERFUL Tier)

25 advanced engineering skills for complex architecture, automation, and platform operations.

Quick Start

Claude Code

/read engineering/agent-designer/SKILL.md

Codex CLI

npx agent-skills-cli add alirezarezvani/claude-skills/engineering

Skills Overview

SkillFolderFocus
Agent Designeragent-designer/Multi-agent architecture patterns
Agent Workflow Designeragent-workflow-designer/Workflow orchestration
API Design Reviewerapi-design-reviewer/REST/GraphQL linting, breaking changes
API Test Suite Builderapi-test-suite-builder/API test generation
Changelog Generatorchangelog-generator/Automated changelogs
CI/CD Pipeline Builderci-cd-pipeline-builder/Pipeline generation
Codebase Onboardingcodebase-onboarding/New dev onboarding guides
Database Designerdatabase-designer/Schema design, migrations
Database Schema Designerdatabase-schema-designer/ERD, normalization
Dependency Auditordependency-auditor/Dependency security scanning
Env Secrets Managerenv-secrets-manager/Secrets rotation, vault
Git Worktree Managergit-worktree-manager/Parallel branch workflows
Interview System Designerinterview-system-designer/Hiring pipeline design
MCP Server Buildermcp-server-builder/MCP tool creation
Migration Architectmigration-architect/System migration planning
Monorepo Navigatormonorepo-navigator/Monorepo tooling
Observability Designerobservability-designer/SLOs, alerts, dashboards
Performance Profilerperformance-profiler/CPU, memory, load profiling
PR Review Expertpr-review-expert/Pull request analysis
RAG Architectrag-architect/RAG system design
Release Managerrelease-manager/Release orchestration
Runbook Generatorrunbook-generator/Operational runbooks
Skill Security Auditorskill-security-auditor/Skill vulnerability scanning
Skill Testerskill-tester/Skill quality evaluation
Tech Debt Trackertech-debt-tracker/Technical debt management

Rules

  • Load only the specific skill SKILL.md you need
  • These are advanced skills — combine with engineering-team/ core skills as needed

Files

263 total
Select a file
Select a file to preview.

Comments

Loading comments…