Pattern Matching
Security checks across malware telemetry and agentic risk
Overview
This is a benign reference-only pattern list for authorized security testing, though users should note that some advertised pattern files are not included and grep examples should only be run on authorized files.
This skill appears safe to install as a static reference collection. Use it only for authorized security testing, keep searches scoped to approved files or repositories, and verify the included files before relying on it to detect specific data types.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used on directories outside the intended scope, the agent may surface secrets, private code details, or vulnerability indicators from files it was allowed to read.
The skill includes examples for recursively grepping source trees for security-relevant patterns. This is aligned with the stated security-auditing purpose, but running it broadly can expose sensitive source or findings in the agent context.
`grep -Ri "echo" *` ... `grep -Ri "shell_exec(" *`Run these searches only on systems and directories you are authorized to test, and review or redact sensitive output before sharing it.
The skill may be less complete than its description suggests, which could lead to missed detections if a user relies on those absent files.
SKILL.md names key files that are not included in the provided file manifest. This does not show malicious behavior, but it means the advertised coverage should not be assumed from the included artifacts.
- `api-keys.txt - API key patterns` - `credit-cards.txt - Credit card formats` - `email-addresses.txt - Email patterns` - `ssn.txt - Social Security Number patterns`
Verify which pattern files are actually present before relying on this skill for coverage of specific sensitive data types.