TailwindCss Complete Documentation

Security checks across malware telemetry and agentic risk

Overview

This is a passive Tailwind CSS documentation skill with some content and privacy cautions, but no evidence of hidden execution, credential access, persistence, or exfiltration.

Safe to use as a local Tailwind CSS reference. Install from the correct ClawHub registry entry, verify important Tailwind guidance against official docs when accuracy matters, and avoid rendering bundled examples in privacy-sensitive contexts unless external images are blocked or proxied.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 91% confidence
Finding: The documentation examples embed third-party image URLs from Unsplash, which causes client browsers to make outbound requests to an external service when the page or live example renders. This can disclose user IP address, user agent, referrer, and timing information without clear disclosure, creating a privacy issue even though it is not an exploit-oriented code execution risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal