WordPress WP-CLI Admin
Security checks across malware telemetry and agentic risk
Overview
The artifacts are a disclosed ClawHub maintainer/developer toolkit with powerful commands, but the high-impact actions are documented, user-directed, and gated by existing auth or confirmations.
Install or use this only in a ClawHub maintainer/developer context. Before running moderation, package, deploy, proof-publish, or autoreview commands, confirm the target, registry, auth token, and whether the command is dry-run or apply/--yes; use --no-yolo for autoreview when you do not want nested review to bypass sandbox protections.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.