ClawMart Browse
Security checks across malware telemetry and agentic risk
Overview
The skill appears to be a straightforward ClawMart browsing helper with no reported malicious or suspicious behavior.
Install only if you intend the agent to browse or query shopclawmart.com. Review any API calls it makes during use, especially if future versions add checkout, account login, payment, or order-modification features.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.