Security audit

protocal-agent

Security checks across malware telemetry and agentic risk

Overview

This instruction-only biomedical protocol planning skill is coherent, but users should avoid using it with sensitive local documents or confidential protocol details unless they are comfortable with local reading and web lookups.

Install only if you are comfortable with the agent reading protocol-like .md or .docx files in the project root and using web searches for protocol references. Use it in a dedicated folder, avoid patient data or unpublished proprietary details in prompts and local files, and verify generated biomedical procedures against official SOPs, safety rules, and qualified supervision.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium, 95% confidence

Finding
The skill explicitly instructs the agent to read `.md` and `.docx` files from the project root, which can expose unrelated or sensitive local documents without clear user consent or scope limitation. In a biomedical setting, project files may contain unpublished research, patient-related context, proprietary SOPs, or regulated information, so automatic ingestion materially increases confidentiality risk.

Missing User Warnings

Medium, 96% confidence

Finding
The skill directs web searches based on the user's task and protocol details without warning that those details may be transmitted to external services. For medical or molecular biology workflows, prompts may include sensitive research goals, sample types, pathogen targets, or clinical context, creating a risk of unintended disclosure to third parties.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.