Storyous
Security checks across malware telemetry and agentic risk
Overview
The available skill artifacts are coherent ClawHub and Convex developer tools with disclosed high-impact commands and no evidence of hidden or malicious behavior.
Before installing, be aware that these skills are intended for trusted ClawHub/Convex development and staff contexts. Review the moderation, migration, publishing, and autoreview commands before use, and consider disabling autoreview full-access mode if you do not want nested review tools running without sandbox prompts.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.