acpx-team

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate multi-agent delegation guide, but it needs review because it normalizes approval-bypassing agent modes and broad sharing with external AI tools without enough safeguards.

Install only if you intend to delegate work to multiple AI agents and understand that task content and code may be sent to those providers. Keep approval-gated or read-only modes by default, avoid secrets and sensitive data, use clean branches or sandboxes, pin and verify global npm installs, and reserve permission-bypass modes for tightly controlled automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding:
The trigger description is extremely broad and includes generic phrases like "security audit," "multi-agent," and requests to have another model review or implement work. This can cause the skill to activate in situations the user did not explicitly intend, increasing the chance of unreviewed delegation, context leakage to external agents, or execution of higher-risk workflows.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The examples explicitly recommend dangerous operating modes such as `dontAsk` and `bypassPermissions` without any warning, guardrails, or discussion of consequences. In a delegation skill, this is especially risky because downstream agents may make filesystem, code, or workflow changes automatically, multiplying the blast radius across parallel workstreams.

Missing User Warnings

Medium
Confidence: 90%
Finding:
The documented protocols repeatedly instruct users to send arbitrary task content, code, review material, and synthesized outputs to external agent services without any privacy or data-handling warning. In a multi-agent delegation skill, that context increases risk because users are specifically encouraged to fan out sensitive prompts or source code across multiple third-party providers, multiplying potential data exposure.

VirusTotal

63/63 vendors flagged this skill as clean.