Claudify
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed automation-building guide that can change Claude Code automations and memory, but the sensitive behavior is coherent with its stated purpose and includes user-scope checks.
Review generated automations before accepting them, especially hooks, global ~/.claude changes, and persistent memory updates. Prefer project scope for project-specific details, and do not allow secrets, credentials, private endpoints, or personal data to be saved into shared skills, rules, plugins, or memory.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.