ClawHub

Angular

Security checks across malware telemetry and agentic risk

Overview

This Angular skill is a documentation-only reference and does not show hidden access, execution, persistence, or data handling behavior.

Reasonable to install as an Angular reference skill. Review future updates if they add scripts, commands, credential use, broad project scanning, or automatic code modification behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Low
Confidence
85% confidence
Finding
The activation guidance says the skill applies whenever a user 'needs Angular expertise' across many common topics. This is broad and does not define exclusions, negative examples, or narrower invocation constraints, which could cause unintended activation for routine frontend discussions that merely mention Angular.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal