AI Skill精选管家

Security checks across malware telemetry and agentic risk

Overview

This is mostly a skill recommendation catalog, but it tries to route all skill installations through its own unpinned external CLI.

Use this as a recommendation catalog only. Before allowing it to install other skills, independently review and pin the external skillpick npm CLI, and do not let it replace normal ClawHub install commands without explicit user approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 95%

Finding: The skill declares no permissions, yet its documented behavior and commands indicate shell execution and likely network access via Node-based CLI/API calls, pipeline fetching, GitHub API use, and installation commands. This mismatch undermines user and platform trust boundaries because an agent may treat the skill as low-privilege while it can trigger external installs, command execution, and data retrieval.

VirusTotal

65/65 vendors flagged this skill as clean.