Security audit

Orchestrix Guide

Security checks across malware telemetry and agentic risk

Overview

This guide is coherent, but it tells users to run hands-off coding automation while bypassing Claude Code safety prompts.

Install only if you are comfortable editing the workflow before use: remove the skipped-permissions alias, keep Claude Code approvals and folder trust prompts manual, inspect any `.orchestrix-core` scripts in the target project, and monitor the tmux session while it runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 99%
Finding
The skill explicitly instructs users to configure `alias cc='claude --dangerously-skip-permissions'`, which disables normal permission safeguards for an automation flow that sends commands programmatically through tmux. In this context, the skill orchestrates multi-agent coding, testing, approvals, and file operations automatically, so removing permission prompts materially increases the chance of unattended destructive actions or sensitive operations proceeding without meaningful review.

Missing User Warnings

High
Confidence: 100%
Finding
The guide recommends a dangerous permission-bypass mode without clearly stating that it suppresses approval prompts and may allow automated actions to run without user confirmation. Because the rest of the skill is designed for hands-off orchestration through tmux, this omission is especially risky: users may not realize they are combining autonomous command injection with disabled safety interlocks.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.