Security audit
Emotion Journal
Security checks across malware telemetry and agentic risk
Overview
The artifact appears to be a ClawHub staff/developer skill set with powerful but disclosed admin, migration, review, and documentation workflows guarded by user confirmation and existing auth.
Install or use this only for ClawHub repository work by operators who understand the admin authority involved. Before any write action, verify the exact target, reason, environment, and command, and rely on the documented dry-run, signoff, backup, and audit-log gates.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
58/58 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
