Trae

Security checks across malware telemetry and agentic risk

Overview

This is an educational TRAE skill-authoring guide with no bundled code or hidden install behavior, but users should review any community skills or scripts they create from its advice.

Safe to install as a guide, but treat any third-party skills, generated skills, embedded scripts, MCP servers, or organization-wide rules you create from its advice as executable or behavior-changing components. Review their contents and permissions before use, especially when they can access local files, project secrets, or external services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The skill states that skills may be triggered automatically on a vague 'context match' without defining trust boundaries, approval requirements, or exclusions. In a system where skills can include instructions and executable resources, ambiguous auto-invocation can cause unintended activation of powerful workflows, increasing the risk of prompt-trigger abuse or unsafe execution paths.

Vague Triggers

Severity: Medium
Confidence: 80%
Finding: Telling users to create a skill via a broad natural-language request like 'Create a skill for X' can overlap with ordinary conversation and lead to accidental skill generation or misuse of privileged skill-authoring behavior. In an agentic IDE context, this ambiguity is more dangerous because generated skills may later be invoked automatically or contain executable resources.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: The skill encourages importing skills from community repositories but omits any warning that skills may bundle scripts, templates, or instructions capable of executing code or influencing agent behavior. This creates a supply-chain risk: a user may import an untrusted skill that runs malicious code, exfiltrates data, or weakens safety constraints.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding: The markdown explicitly promotes embedding Python scripts in skills so the AI can execute them, but provides no warning about arbitrary code execution, file system access, network access, or destructive side effects. In this skill's context, that omission materially increases risk because the feature is presented as a normal extension pattern for end users, which could normalize unsafe execution of unreviewed code.

VirusTotal

65/65 vendors flagged this skill as clean.