Back to skill

Security audit

StartClaw-Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed optimizer for routing, scheduling, browser throttling, and context compaction, with privacy considerations around local logs but no evidence of theft, persistence, or hidden execution.

Install only if you want an agent workflow optimizer that may influence model choice and compact subagent context. Pin or verify the npm package before installing, and avoid using raw session identifiers or sensitive conversation metadata in shared logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The README advertises logging of session keys and detected key themes without warning about the privacy and security implications of recording identifiers and inferred content metadata. In a context-compaction feature for subagents, those logs could expose correlation identifiers and sensitive topic information from user or agent conversations, increasing the risk of data leakage, profiling, or improper retention.

Missing User Warnings

Low
Confidence
82% confidence
Finding
The code logs the session key and token statistics whenever compaction occurs. While it does not directly log full message contents here, session identifiers and usage metadata can still be sensitive, especially in multi-tenant or production environments where logs are broadly accessible or retained long-term. In this context-compaction skill, those values are operationally related to user conversations, which makes the disclosure more concerning than ordinary debug telemetry.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.