ClawHub
Back to skill

Security audit

Natural Plant Dye Making Basics

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed natural-dyeing guidance skill with no executable code and only purpose-aligned use of photos, location context, reminders, and local logs.

Before installing, consider whether you are comfortable sharing plant photos and approximate location with the agent. The security artifacts do not show hidden code or exfiltration, but the physical process still requires care with plant identification, hot liquids, mordants, ventilation, allergies, and local foraging rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.