ClawHub
Back to skill

Security audit

Gog Bwm

Security checks across malware telemetry and agentic risk

Overview

The supplied scanner context shows no confirmed issue, and I found no artifact-backed evidence of harmful behavior in the available workspace context.

This review found no concrete reason to block installation from the supplied evidence, but confidence is limited because the exact skill artifacts were not available for direct inspection. Review the skill text and requested permissions before installing, especially if it asks for credentials, broad filesystem access, or remote service submission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.