Security audit
Motion
Security checks across malware telemetry and agentic risk
Overview
The skills mostly match ClawHub and Convex maintenance workflows, but the bundled autoreview helper defaults to running a nested Codex review with full access while bypassing approvals.
Install only if you trust this publisher and are comfortable with high-impact ClawHub/Convex maintenance workflows. Before using autoreview, prefer running it with --no-yolo or AUTOREVIEW_YOLO=0 unless you intentionally want a nested review process with unrestricted local authority.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
VirusTotal findings are pending for this skill version.
Static analysis
No suspicious patterns detected.
