Autonomy Ladder

Security checks across malware telemetry and agentic risk

Overview

This is a readable instruction-only skill, but its default autonomy rules could let an agent make sensitive production, credential, financial, and infrastructure changes before the user approves them.

Install only after customizing the ladder. Keep credential rotation, production deploys, refunds, PR merges, infrastructure scaling, and customer-facing actions approval-gated unless you have explicit limits, runbooks, health checks, rollback procedures, cost caps, and audit logging.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly places credential and API key rotation in Tier 1, meaning the agent may perform security-sensitive changes immediately and only report afterward. Even if intended as routine maintenance, autonomous credential rotation can break integrations, lock out operators, or create outage and recovery risks if dependencies, rollout order, and secret propagation are not carefully coordinated.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill allows production bug-fix deployments under Tier 2, permitting immediate action before user approval. Production deployment is inherently high risk because a mistaken change can affect availability, data integrity, customer experience, and incident blast radius, especially when the framework provides only general guidance and not mandatory deployment safeguards.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill permits autonomous infrastructure scaling within budget guardrails, but does not require explicit warnings about service stability, quota effects, or unexpected cost and capacity consequences. In context, this is somewhat constrained by the stated budget guardrails and Tier 2 reporting, but it still grants immediate operational changes that could amplify incidents or create avoidable spend if the agent misclassifies demand or failure conditions.

VirusTotal

66/66 vendors flagged this skill as clean.
