APIClaw
Security checks across malware telemetry and agentic risk
Overview
APIClaw is a straightforward API documentation skill that discloses its API key requirement and does not include hidden code, persistence, or destructive behavior.
Install this only if you intend to use APIClaw and are comfortable giving the agent access to APICLAW_API_KEY. Watch credit usage, revoke or rotate the key when no longer needed, and review the separately recommended Amazon-analysis skill before installing it.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.