BoldSign
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed BoldSign e-signature integration that uses ClawLink OAuth and user-confirmed tools to manage documents.
Install only if you are comfortable connecting your BoldSign account through ClawLink. Review the OAuth permissions during connection, and require confirmation before sending, editing, uploading, creating fields, or removing document authentication because those actions can affect real contracts and signing workflows.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
57/57 vendors flagged this skill as clean.