Security audit

Clawtrix Dev Intel

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only recommender for developer-agent skills, with disclosed local report writing and no hidden execution or credential use.

Reasonable to install if you want developer-tooling skill recommendations. Before running it, review SOUL.md for confidential mission details or internal stack information, and manually review any recommended skill before using the suggested install command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Low (88% confidence)
Finding
The skill explicitly instructs the agent to write an output file under `memory/reports/`, which introduces state-changing filesystem behavior beyond merely recommending skills. While the target path appears constrained and the content is an audit report, silent file creation can still surprise users, overwrite prior artifacts if naming collisions occur, or be abused when the skill is triggered in broader contexts.

Vague Triggers

Medium (80% confidence)
Finding
The description is broad enough that the skill may be invoked for generic developer-tooling or onboarding tasks, not just narrowly scoped skill discovery. Over-broad routing increases the chance the agent will execute the skill in situations where reading `SOUL.md`, querying external services, or writing reports is unnecessary or unexpected, expanding exposure to data access and side effects.

Missing User Warnings

Low (92% confidence)
Finding
The skill directs the agent to write a report file but does not clearly warn the user that local data will be modified. Even though the write location is specific and seemingly non-sensitive, undisclosed persistence is a safety issue because it changes the environment and may leave artifacts containing agent mission details, installed skills, or other operational metadata.

VirusTotal

54/54 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.