ClawHub
Back to skill

Security audit

Navil Audit

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate security-audit skill, but it can route broad safety questions into local scanning and pentest-style commands over sensitive OpenClaw/MCP configuration without tight scope controls.

Install only if you intend to run a real local OpenClaw/MCP audit and trust the external navil pip package. Before use, specify exact config paths, avoid broad home-directory scans, confirm what any VirusTotal-related check sends externally, and review or redact generated reports before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill metadata advertises very broad trigger phrases such as 'am I safe', 'check for vulnerabilities', and 'run security tests', which can overlap with ordinary user requests and cause unintended invocation. In this skill, accidental activation is more concerning than usual because the documented behavior includes running local security scans and penetration-test style commands, potentially causing unnecessary tool execution, noisy scans, or disclosure of sensitive configuration details in the generated report.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The 'When to Use This Skill' section defines activation conditions with fuzzy language like 'security check', 'what attacks would work', and 'before deploying', without requiring clear operator intent or consent. In context, this increases risk because the skill is positioned to run comprehensive audits and pentest simulations across the workspace, so ambiguous routing can trigger high-scope analysis unexpectedly and expose sensitive findings or consume resources.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal