Botanalytics
Security checks across malware telemetry and agentic risk
Overview
The skill artifacts are mostly workflow guidance and helper commands for ClawHub/Convex work, with sensitive actions disclosed and guarded rather than hidden.
Install only if you trust the publisher to guide ClawHub/Convex developer workflows. Review the autoreview helper before use because it defaults to full-access nested review, and use --no-yolo if you want normal sandbox prompts. For moderation, role changes, PR comments, proof publishing, migrations, and auth setup, confirm the exact target and credentials before allowing writes.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.