ClawHub

Skill Sync

Security checks across malware telemetry and agentic risk

Overview

Skill Sync is a disclosed local tool for auditing and reorganizing AI-agent skill folders, with meaningful filesystem changes gated behind explicit user commands.

Install this only if you want a tool that can inspect and reorganize local AI-agent skill directories. Run preview commands first, review the planned replacements, avoid --apply and --force until the paths look correct, and keep the backup location available for restore.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README explicitly promotes operations like `--apply` and `--force` that can replace skill directories with symlinks and modify installed skills across multiple agent roots, but it does not place a clear, prominent warning near those commands about filesystem mutation, overwrite risk, or the need to review dry-run output first. Because this project manages local agent skills across many standard directories, unclear guidance increases the chance of accidental destructive changes or unintended trust propagation through symlinked canonical sources.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script performs real filesystem mutations when `--apply` is supplied, including moving existing skill directories/files into a backup location and replacing them with symlinks, but it does not present an explicit execution-time confirmation or prominent warning immediately before making those changes. In an agent/tooling context where commands may be generated or invoked semi-automatically, this increases the risk of unintended destructive changes to user home directories and shared skill roots.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal