Poyo Hailuo 2 3
Security checks across malware telemetry and agentic risk
Overview
The artifacts are coherent ClawHub/Convex developer skills with powerful but disclosed staff, migration, email, and review workflows guarded by auth, dry runs, and confirmation steps.
Install this only in a ClawHub/Convex maintainer context. Before using it, be comfortable with authenticated admin actions, production migrations, outbound email, and external AI review providers; keep secrets out of review bundles and require explicit confirmation before any write, send, ban, migration apply, or destructive operation.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
59/59 vendors flagged this skill as clean.