Security audit

Nervix Onboarding

Security checks across malware telemetry and agentic risk

Overview

This skill matches Nervix onboarding, but it can enroll persistent agents and publish to ClawHub without enough guidance on token storage, revocation, or stopping ongoing activity.

Install only if you intend to use Nervix enrollment and ClawHub publishing. Before running it, confirm the target agent name and roles, where tokens will be stored, how heartbeat will be stopped, how credentials can be revoked or rotated, and require explicit approval before any publish or auto-bump publish action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 97%
Finding
The manifest description is still placeholder text, so the skill does not accurately declare its purpose, triggers, or scope. In an agent environment, vague or incorrect metadata can cause the wrong skill to be selected for sensitive onboarding, federation verification, or publishing actions, increasing the chance of unsafe or unintended operations.

Intent-Code Divergence

Low
Confidence: 95%
Finding
The document body is mostly template guidance and TODOs instead of actual onboarding procedures. This creates an integrity and operational-safety problem: an agent or operator may rely on incomplete instructions for a sensitive onboarding workflow, leading to skipped verification steps, inconsistent enrollment, or accidental publication of an unreviewed skill bundle.

Vague Triggers

Medium
Confidence: 96%
Finding
Undefined usage triggers make it unclear when this skill should activate, which is especially risky for a skill tied to onboarding and publishing actions. Ambiguous activation conditions can cause the skill to be invoked in inappropriate contexts or by insufficiently prepared operators, increasing the likelihood of process bypass or misuse.

Vague Triggers

Medium
Confidence: 94%
Finding
An incomplete overview leaves the skill's purpose, scope, and assumptions unspecified. In the context of onboarding into a federated system and publishing to a hub, this lack of clarity can cause users or agents to misunderstand required checks, permissions, and sequencing, resulting in unsafe enrollment or premature publication.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.