Docker Medic
Security checks across malware telemetry and agentic risk
Overview
The visible artifacts are coherent developer and maintainer workflows, with powerful but disclosed actions that require the user or an authenticated maintainer to invoke them.
Reasonable to install in a ClawHub or Convex maintainer/developer workspace. Only use the moderation and full-access review helpers when you understand the target account, PR, or repository state, and prefer least-privilege/authenticated tokens for staff actions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.