MrBeast 视角
Security checks across malware telemetry and agentic risk
Overview
The skill artifacts are coherent and disclose their intended Convex, ClawHub review, UI proof, and moderation workflows without hidden exfiltration or destructive behavior.
Before installing, note that several workflows can make real changes when invoked: moderation commands can ban/unban users or change roles, UI proof can publish artifacts to GitHub, and autoreview can run a nested full-access review helper by default. Use these only in trusted ClawHub repositories and confirm targets, credentials, and commands before write actions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.