gate-news-listing
Security checks across malware telemetry and agentic risk
Overview
The skill artifacts are coherent workflow guidance with disclosed command use and no evidence of hidden persistence, exfiltration, or destructive behavior.
Before installing, understand that these skills are intended for trusted ClawHub/Convex development and moderation contexts. Use them only in repos where running GitHub, Convex, package-manager, or reviewer CLI commands is acceptable, and prefer the documented confirmation and no-yolo options for high-impact workflows.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.