
Security audit

尸狗·警觉魄v2.0

Security checks across malware telemetry and agentic risk

Overview

This is a defensive security skill, but it asks for continuous monitoring and automated response actions without clear user consent, limits, or rollback guidance.

Install only if you want an agent to advise on security monitoring and incident response. Require explicit approval before any blocking, isolation, account lock, file deletion, quarantine, repair, or long-running monitoring, and define exactly which systems, files, logs, and network activity are in scope.
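The guidance above amounts to three controls: an explicit scope, an approval gate on every system-impacting action, and a rollback path. The following is an added example of a policy gate that enforces them on an agent's proposed tool calls; it is not code from the audited skill or from SkillSpector. The tool names, the scope format, the approval callback and the scenario data are assumptions made for illustration.

```python
"""Policy gate for an agent's security actions.

Added example, not part of the audited skill or of SkillSpector.  Tool names,
the scope format and the approval hook are assumptions for illustration.
Every action must target something the operator put in scope; interventions
must additionally be reversible and explicitly approved, and each one that is
allowed is journaled with its inverse so it can be rolled back.
"""
from dataclasses import dataclass
from pathlib import PurePosixPath
from typing import Callable, Optional
import ipaddress

# Hypothetical tool names.  Advisory actions observe or explain only.
ADVISORY = frozenset({"read_log", "explain_alert", "suggest_response"})
# Intervention -> inverse action used for rollback; None means irreversible.
INTERVENTIONS = {
    "block_ip": "unblock_ip",
    "isolate_host": "release_host",
    "lock_account": "unlock_account",
    "quarantine_file": "restore_file",
    "start_monitor": "stop_monitor",
    "delete_file": None,   # irreversible: this gate never lets it run
    "repair_file": None,
}


@dataclass
class Scope:
    """Exactly which systems, files, logs and network ranges are in scope."""
    paths: tuple      # directories whose files may be quarantined
    logs: tuple       # log directories that may be read or monitored
    networks: tuple   # CIDRs whose addresses may be blocked
    hosts: frozenset  # hostnames that may be isolated
    accounts: frozenset  # accounts that may be locked

    @staticmethod
    def _under(path: str, roots: tuple) -> bool:
        p = PurePosixPath(path)
        if not p.is_absolute() or ".." in p.parts:
            return False  # relative paths and traversal never qualify
        return any(p == PurePosixPath(r) or PurePosixPath(r) in p.parents
                   for r in roots)

    def covers(self, action: str, target: str) -> bool:
        if action in ("read_log", "start_monitor"):
            return self._under(target, self.logs)
        if action in ("quarantine_file", "delete_file", "repair_file"):
            return self._under(target, self.paths)
        if action == "block_ip":
            try:
                ip = ipaddress.ip_address(target)
            except ValueError:
                return False
            return any(ip in ipaddress.ip_network(n) for n in self.networks)
        if action == "isolate_host":
            return target in self.hosts
        if action == "lock_account":
            return target in self.accounts
        return True  # explain/suggest actions take no system target


@dataclass
class Decision:
    allowed: bool
    reason: str
    rollback: Optional[tuple] = None  # (inverse action, target)


class PolicyGate:
    """approve(action, target) -> bool is the per-action operator consent hook."""

    def __init__(self, scope: Scope, approve: Callable[[str, str], bool]):
        self.scope = scope
        self.approve = approve
        self.journal = []  # (action, target, rollback) for every allowed call

    def check(self, action: str, target: str) -> Decision:
        if action not in ADVISORY and action not in INTERVENTIONS:
            return Decision(False, f"unknown action {action!r}")
        if not self.scope.covers(action, target):
            return Decision(False, f"{target!r} is outside the scope for {action}")
        if action in ADVISORY:
            return self._allow(action, target, "advisory, in scope", None)
        inverse = INTERVENTIONS[action]
        if inverse is None:
            return Decision(False, f"{action} is irreversible and is never auto-run")
        if not self.approve(action, target):
            return Decision(False, f"operator did not approve {action} on {target!r}")
        return self._allow(action, target, "approved intervention", (inverse, target))

    def _allow(self, action, target, reason, rollback) -> Decision:
        self.journal.append((action, target, rollback))
        return Decision(True, reason, rollback)

    def rollback_plan(self) -> list:
        """Inverse actions for every allowed intervention, newest first."""
        return [rb for _, _, rb in reversed(self.journal) if rb]


def demo():
    """Constructed scenario: one scope, a few approvals, eight proposed calls."""
    scope = Scope(paths=("/srv/app/uploads",), logs=("/var/log/app",),
                  networks=("203.0.113.0/24",), hosts=frozenset({"web-01"}),
                  accounts=frozenset({"svc-upload"}))
    approved = {("block_ip", "203.0.113.7"),
                ("quarantine_file", "/srv/app/uploads/x.php")}
    gate = PolicyGate(scope, lambda a, t: (a, t) in approved)
    requests = [
        ("read_log", "/var/log/app/access.log"),          # in scope
        ("read_log", "/etc/shadow"),                      # over-collection
        ("block_ip", "203.0.113.7"),                      # in scope, approved
        ("block_ip", "198.51.100.9"),                     # outside network scope
        ("isolate_host", "web-01"),                       # in scope, not approved
        ("delete_file", "/srv/app/uploads/x.php"),        # irreversible
        ("quarantine_file", "/srv/app/uploads/x.php"),    # reversible, approved
        ("quarantine_file", "/srv/app/uploads/../../../etc/passwd"),  # traversal
    ]
    results = [(a, t, gate.check(a, t).allowed) for a, t in requests]
    return results, gate.rollback_plan()


if __name__ == "__main__":
    for action, target, ok in demo()[0]:
        print(f"{'ALLOW' if ok else 'DENY '} {action} {target}")
    print("rollback:", demo()[1])
```

The gate refuses the irreversible `delete_file` outright even though the target is in scope and could be approved; quarantining the same file is the reversible alternative, and the journal lets the operator undo both the quarantine and the block in reverse order. Scope checks apply to advisory reads too, which is the control against the over-collection risk that vague triggers create.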

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium (92% confidence)

Finding: The trigger examples are broad natural-language phrases, such as asking whether the system is safe or requesting monitoring, which can cause the skill to activate in contexts where the user did not explicitly intend to invoke this security capability. In a security-oriented skill that claims monitoring and response behaviors, unintended invocation increases the chance of over-collection, misleading security assertions, or accidental downstream actions.

Missing User Warnings

Medium (95% confidence)

Finding: The skill advertises automated response playbooks and real-time monitoring but does not clearly warn users about potentially system-impacting behavior such as blocking, isolating, locking, or continuous observation. In the context of a defensive security skill this is more dangerous, because users may assume the capability is advisory while the described behavior implies active intervention that could disrupt systems or affect privacy.

VirusTotal

66/66 vendors reported this skill as clean; no vendor flagged it.
