Clawhub Memory Tiers Pro
Security checks across malware telemetry and agentic risk
Overview
The skill set is mostly coherent, but it includes an autoreview helper that runs nested Codex review with full sandbox bypass by default.
Review the autoreview helper before installing or invoking it. Prefer running it with `--no-yolo` or setting `AUTOREVIEW_YOLO=0` unless you intentionally want a nested reviewer to have unrestricted local sandbox access. For moderation skills, only use them with the intended staff credentials and explicit confirmed targets.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.