Back to skill

Security audit

Claude Code Integration

Security checks across malware telemetry and agentic risk

Overview

This is mostly an offline Claude Code documentation helper with some overstated wording, but no evidence of hidden execution, data theft, or destructive behavior.

Install this only if you want a local Claude Code documentation and workflow-reference helper. Treat the bundled docs as possibly stale, and do not assume the task command actually executes work. Review any separate OpenClaw exec/read-write action or remote installer snippet before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
78% confidence
Finding
The skill advertises shell-capable workflows and explicit command examples, but no permissions are declared to bound or disclose that capability. In an agent ecosystem, undeclared execution capability undermines least privilege and informed consent, making it easier for a broadly invoked skill to trigger command execution unexpectedly.

Tp4

High
Category
MCP Tool Poisoning
Confidence
92% confidence
Finding
The skill's documented behavior materially diverges from what the analysis says it actually does, including local installation side effects and nonfunctional or stubbed features. This is dangerous because users and the orchestrator may trust it for low-risk documentation queries while it performs different actions, creating a pathway for deceptive execution and bypass of security expectations.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The invocation guidance is overly broad, using generic coding-help language that can cause this skill to activate in many normal development conversations. Because the skill is tied to task execution and shell-capable workflows, over-triggering increases the chance of unnecessary tool use, unintended side effects, and misuse in contexts where the user did not specifically request this integration.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.