Security audit

Nightly Workspace Audit

Security checks across malware telemetry and agentic risk

Overview

This workspace-audit skill matches its stated purpose, but it can automatically scan and reorganize persistent workspace memory, including deleting, moving, renaming, and rewriting files without a clear approval step.

Review before installing if you plan to run it on a schedule. It should be treated as a write-capable workspace maintenance skill: use a dry run first, require explicit approval before deletes, moves, renames, MEMORY.md edits, or tier demotions, and keep backups of MEMORY.md and the memory/ directory.

SkillSpector (by NVIDIA)

Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium (88% confidence)

Finding: The skill advertises very broad activation conditions such as running on a nightly cron job or whenever a user asks to audit, clean up, or check workspace health. That broad trigger scope increases the chance of unintended invocation of a high-privilege maintenance workflow that scans many files and may perform follow-on modifications, creating risk from ambiguous user phrasing or over-eager automation.

Missing User Warnings

High (96% confidence)

Finding: The skill explicitly instructs the agent to merge, deduplicate, prune, archive, rename, and demote files, which are destructive or state-changing operations, but the user-facing description does not clearly warn that data may be modified or removed. In a nightly unattended context, this is especially dangerous because ambiguous heuristics like 'confirmed no longer useful' or overlap-based deduplication can cause silent data loss, unwanted archival, or corruption of workspace state.

VirusTotal

62/62 vendors flagged this skill as clean.