ClawHub
Back to skill

Security audit

Llm Cost Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill appears to perform local analysis of user-provided LLM usage logs without credentials, network access, persistence, or account-changing behavior.

Before installing, be aware that any usage logs you provide may contain operational metadata such as model names, token counts, task types, timestamps, or session IDs. The reviewed artifacts process that data locally and do not show upload or credential behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.