Science Agent Compare - Side-by-Side AI Tool Comparison

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only comparison helper for science-agent projects, with minor scope and privacy cautions but no evidence of harmful behavior.

Install this if you want help comparing OpenClaw or science-agent projects. Avoid entering private internal project names or sensitive research domains if you do not want them used in Claw4Science lookups, and verify changing facts like stars, owners, and papers before relying on them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrases include very common language such as "which is better" and "difference between," which can match many unrelated user requests and cause the skill to activate outside its intended scope. Over-broad activation can lead to incorrect routing, untrusted external lookups, or the model prioritizing this skill's comparison instructions when the user did not ask for science-agent comparison specifically.

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The usage conditions are broad and ambiguous, e.g. any user asking for differences or which option is better could satisfy them even when the topic is unrelated to science agents. This increases the chance of inappropriate invocation and can misdirect the assistant into using the skill's fixed workflow and external links/API in contexts where they are irrelevant or unsafe.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal