Back to skill

Security audit

Git Commit Analyzer / Git提交语义分析器

Security checks across malware telemetry and agentic risk

Overview

The inspected skills are coherent operational guidance for code review, Convex work, ClawHub moderation, and documentation, with sensitive actions disclosed and gated by user confirmation.

Install only if you expect the agent to help with ClawHub/Convex operations and code review. Pay special attention before using the moderation, email, production migration, or proof-publishing workflows, because they can affect real users or production data and should be run only with the required approvals and credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.