ClawOps

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a descriptive orchestration skill with no executable payload, but it claims broad authority over secrets, scheduling, and other skills without clear guardrails.

Install only if you are comfortable giving this skill a coordinator role. Before relying on it, confirm it requires explicit user approval before managing secrets, scheduling background work, restarting skills, or changing other skill behavior, and prefer running it in an environment where its access to credentials and installed skills is limited.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The skill is described as a central orchestrator that discovers skills, resolves dependencies, manages secrets, schedules actions, and restarts other skills, but it provides no concrete activation boundaries, authorization model, or operational constraints. In an agent ecosystem, this kind of broad, undefined control surface can enable overreach, unsafe invocation, or unintended access to other skills and sensitive resources.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal