Back to skill

Security audit

TinkerClaw Agent Superpowers

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only engineering methodology skill, with one questionable suggestion about inspecting another product's binary for embedded prompts.

Install this if you want stricter engineering workflow guidance, but review it before copying its rules into AGENTS.md or using sub-agents because it can change agent behavior and increase tool/model usage. Do not follow the proprietary-binary prompt-extraction suggestion unless you are sure it is allowed by your license and local policy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
This section explicitly encourages extracting a proprietary system prompt and tool definitions from a third-party compiled binary using binary analysis. Even though framed as learning or inspection, it normalizes reverse-engineering of non-open content that is unrelated to the skill's stated purpose of engineering discipline, and could facilitate policy circumvention, prompt exfiltration, or misuse of proprietary internals.

Description-Behavior Mismatch

Low
Confidence
80% confidence
Finding
The metadata asserts the skill is 'Pure methodology' with no network calls or credential access, but the body promotes interaction with external services, third-party tools, plugin ecosystems, and external URLs. This is primarily a trust and transparency issue: users or downstream systems may rely on the metadata to assess safety boundaries, and the mismatch can cause underestimation of exposure or review requirements.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.prompt_injection_instructions

Prompt-injection style instruction pattern detected.

Warn
Code
suspicious.prompt_injection_instructions
Location
SKILL.md:272