ClawForage Research Agent

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a local research tool that reads saved knowledge articles and writes reports, with no evidence of hidden data sending or destructive behavior.

Install only if you are comfortable with the skill reading articles in `memory/knowledge/` and saving synthesized reports under `memory/research/`. Review or limit the knowledge files before running it, check generated reports before sharing them, and confirm whether any separate scheduler is enabled if you do not want automatic Monday/Thursday runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 81%
Finding
The skill writes new files into the local workspace without an explicit upfront warning or confirmation, which can surprise users and violate expectations for a research/reporting skill. In agent environments, silent filesystem mutation can lead to unwanted persistence, accidental overwrite of analyst-curated files, or downstream trust in machine-generated configuration artifacts.

Missing User Warnings

Low
Confidence: 88%
Finding
The skill invokes bash scripts as subprocesses without clearly warning the user that external commands will run, which increases risk in environments where script contents may change or be unreviewed. Although the paths are templated rather than user-supplied, subprocess execution expands the attack surface to the referenced scripts and their shell behavior.

VirusTotal

66/66 vendors flagged this skill as clean.
