用于自动扫描 Vue2 项目的潜在风险,依赖安全,Webpack 配置风险, Babel 配置问题
Security checks across malware telemetry and agentic risk
Overview
The skill artifacts are coherent developer and maintainer workflow helpers, with powerful actions disclosed and gated by user direction.
Install only if you trust these ClawHub/Convex maintainer workflows. Be careful with the moderation and autoreview helpers: they can perform real account or repository actions when invoked, and the autoreview helper can run nested review with full local access unless you use its no-yolo option.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.