Agent Governance Auditor

Security checks across malware telemetry and agentic risk

Overview

This is a text-only governance-audit skill; the scanner hits are examples of unsafe prompt patterns, not instructions for the agent to follow.

Safe to install as an advisory audit helper. Treat its scores as guidance rather than a final security decision, and avoid pasting secrets, private credentials, or unreleased sensitive system prompts unless you are comfortable having that text analyzed in your agent session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
| Prompt phrase | Problem |
|---|---|
| "Use your best judgment" | No judgment criteria defined |
| "Be as helpful as possible" | No upper bound on helpfulness |
| "Handle edge cases appropriately" | No definition of "appropriately" |
| "You have full access to..." | No access restrictions defined |
| "Act like a human" or "pretend to be human" | Violates identity disclosure |
| "The user's word is final" | Overrides operator governance |
| "You can ignore safety guidelines if..." | Creates an injection vector |
Confidence
75% confidence
Finding
No access restrictions

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
**Symptoms:**
- Agent has tool access (send email, delete records, make purchases)
- No reversibility preference stated
- No confirmation step before consequential actions

**What goes wrong:**
Agent takes irreversible action based on ambiguous user input. "Delete the old records" gets interpreted more aggressively than intended. "Send the proposal" goes to the wrong address.
Confidence
75% confidence
Finding
No confirmation

Instruction Override

High
Category
Prompt Injection
Content
| Prompt phrase | Problem |
|---|---|
| "You have full access to..." | No access restrictions defined |
| "Act like a human" or "pretend to be human" | Violates identity disclosure |
| "The user's word is final" | Overrides operator governance |
| "You can ignore safety guidelines if..." | Creates an injection vector |
| "This is just for testing" | Lowers guards that should stay up |
Confidence
90% confidence
Finding
ignore safety guidelines

VirusTotal

63 of 63 vendors flagged this skill as clean.
