vettr

Security checks across malware telemetry and agentic risk

Overview

This is a coherent third-party skill scanner; its higher-risk behaviors are disclosed and tied to user-directed vetting actions.

Install only if you are comfortable with a third-party Node scanner reading the skill directories you point it at. Use URL and ClawHub remote vetting only for sources you intend to inspect, preferably in an isolated directory or container for untrusted archives. Leave autoVet disabled unless you want pre-install scans to run automatically. If you fork or reuse the repository, review or disable the included AI PR review workflow because it can send PR diffs to an external AI service.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: This workflow sends PR diff content to a third-party AI service, which can expose proprietary code, secrets accidentally committed in a diff, or sensitive business context outside GitHub. Even though this appears intended for code review automation, the external transmission happens automatically and there is no minimization, consent, or explicit disclosure mechanism in the workflow itself.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal