Security audit
Classquill
Security checks across malware telemetry and agentic risk
Overview
This is a powerful but coherent operator skill bundle for ClawHub, Axiom, Convex, Sentry, documentation, and design workflows, with sensitive actions generally disclosed and gated by user intent or confirmation.
Install only if you intend to give the agent operational authority over ClawHub and observability tools. Use scoped tokens, review any Slack or email output before sending, keep org memory repositories restricted, and avoid enabling shared memory for sensitive incidents unless the content has been scrubbed.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
