Security audit

Mini Coder Max

Security checks across malware telemetry and agentic risk

Overview

This is a broad instruction-only coding workflow with optional web research, but it has no scripts, persistence, credential handling, or hidden behavior.

Install this if you want a broad coding assistant workflow. Review plans and diffs before applying changes, and avoid allowing web searches that include secrets, proprietary source, internal URLs, or sensitive error logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium, 88% confidence
Finding
The skill explicitly directs the agent to use web search and fetch tools during research, but the manifest presents it as a coding skill without clearly scoping or disclosing that external network access may occur. This can lead to unintended data exposure, retrieval of malicious or untrusted content, and behavior that exceeds user expectations for a local coding assistant.

Vague Triggers

High, 94% confidence
Finding
The trigger keywords are extremely broad terms like 'code', 'build', 'fix', and 'develop', which are common in normal conversation and likely to cause unintended activation. Unintended activation is dangerous here because the skill can drive autonomous planning and optional web research, causing the agent to take actions or access external resources without clear user intent.

Missing User Warnings

Medium, 91% confidence
Finding
The skill contains autonomous research instructions but does not warn users in the description that it may perform web search and fetch operations. This undermines informed consent and increases the chance that users will disclose sensitive code, stack details, or internal error messages without realizing the skill may send related queries to external services.

VirusTotal

64/64 vendors flagged this skill as clean.
