Aegis Quality Guardian

Security checks across malware telemetry and agentic risk

Overview

Aegis is a coherent development-quality skill that writes project guardrail files and can run setup scripts, with no evidence of hidden data access, exfiltration, or destructive behavior.

Install only if you want this skill to influence project workflow. Before running its setup or type-generation scripts, review the files it will add to your repo, especially pre-commit hooks, CI configuration, CLAUDE.md, and any pip/npx dependency downloads.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 94%
Finding:
The skill instructs the agent to run shell commands and initialize or modify project files, but it does not declare any permissions or capability boundaries. That mismatch is risky because users and orchestration layers cannot accurately understand or constrain the skill's ability to execute commands and write to disk before activation.

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding:
The script performs an implicit networked package installation (`pip install --user pyyaml`) as part of a local type-generation workflow, which changes the user's environment beyond the stated purpose of generating types; `--user` installs into the user's site-packages, so the change persists outside the repository and across projects. In an agent/automation context this is risky because simply invoking the helper can trigger unreviewed dependency installation, creating supply-chain exposure and violating expectations of offline, deterministic build tooling.
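The review step recommended in the overview (read the setup and type-generation scripts before running them) and the first two findings (capabilities exercised but never declared; a silent `pip install` hidden in a helper) can be checked mechanically. The following is an added example, not code from the Aegis skill or the SkillSpector scanner: a small static audit that infers which capabilities a script exercises (shell execution, file writes, network package installs) and compares them with what the skill declares. The declaration format (a plain set of capability names), the pattern list and both sample scripts are constructed for this illustration; the sample scripts are text that is scanned, never executed.

```python
"""Added example, not part of the Aegis skill or the SkillSpector report.

Infers the capabilities a setup script actually exercises and compares them
with the capabilities the skill declares. The declaration format (a set of
capability names) and the two sample scripts are constructed for illustration.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Source patterns that imply a capability. The list-form pip pattern matters:
# subprocess.run([sys.executable, "-m", "pip", "install", ...]) never contains
# the literal text "pip install", so a naive grep for it misses the install.
CAPABILITY_PATTERNS: dict[str, list[re.Pattern[str]]] = {
    "network_install": [
        re.compile(r"\bpip3?\s+install\b"),
        re.compile(r"""["']pip3?["']\s*,\s*["']install["']"""),
        re.compile(r"\bnpx\s+\S+"),
        re.compile(r"\bnpm\s+(?:i|ci|install)\b"),
        re.compile(r"\bcurl\b[^|\n]*\|\s*(?:ba|z)?sh\b"),
    ],
    "shell_exec": [
        re.compile(r"\bsubprocess\.(?:run|call|check_call|check_output|Popen)\("),
        re.compile(r"\bos\.system\("),
    ],
    "file_write": [
        re.compile(r"""\bopen\([^)]*["'][wa]"""),
        re.compile(r"\.write_(?:text|bytes)\("),
        re.compile(r"\btee\b"),
    ],
}


@dataclass
class AuditResult:
    observed: dict[str, list[str]]  # capability -> "lineno: source" evidence
    undeclared: list[str]           # exercised but not declared, sorted

    @property
    def ok(self) -> bool:
        return not self.undeclared


def infer_capabilities(script: str) -> dict[str, list[str]]:
    """Return the capabilities a script exercises, with line evidence."""
    observed: dict[str, list[str]] = {}
    for lineno, line in enumerate(script.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # comment lines are not executed
        for capability, patterns in CAPABILITY_PATTERNS.items():
            if any(p.search(line) for p in patterns):
                observed.setdefault(capability, []).append(f"{lineno}: {stripped}")
    return observed


def audit(script: str, declared: set[str]) -> AuditResult:
    """Compare exercised capabilities with the skill's declaration."""
    observed = infer_capabilities(script)
    undeclared = sorted(cap for cap in observed if cap not in declared)
    return AuditResult(observed, undeclared)


# Constructed stand-in for the finding's helper: the first run without pyyaml
# present silently installs it into the user's site-packages.
VULNERABLE_HELPER = '''
import subprocess, sys
from pathlib import Path
try:
    import yaml
except ImportError:
    subprocess.run([sys.executable, "-m", "pip", "install", "--user", "pyyaml"], check=True)
    import yaml
schema = yaml.safe_load(Path("schema.yaml").read_text())
Path("types.py").write_text(render_types(schema))
'''

# Hardened form (constructed): fail closed with an instruction, so the only
# side effect left is the file write the skill declares.
HARDENED_HELPER = '''
from pathlib import Path
try:
    import yaml
except ImportError as exc:
    raise SystemExit("pyyaml is missing; add it from the pinned lockfile, then rerun") from exc
schema = yaml.safe_load(Path("schema.yaml").read_text())
Path("types.py").write_text(render_types(schema))
'''

if __name__ == "__main__":
    cases = [
        ("vulnerable, nothing declared", VULNERABLE_HELPER, set()),
        ("vulnerable, shell+write declared", VULNERABLE_HELPER, {"shell_exec", "file_write"}),
        ("hardened, write declared", HARDENED_HELPER, {"file_write"}),
    ]
    for name, script, declared in cases:
        result = audit(script, declared)
        print(f"{name}: undeclared={result.undeclared}")
        for cap in result.undeclared:
            for evidence in result.observed[cap]:
                print(f"  {cap} <- {evidence}")
```

Run as a script, the first case reports all three capabilities as undeclared (the mismatch in the first finding), the second narrows to `network_install` alone (the second finding), and the hardened helper passes with only `file_write` declared. A pattern list like this is a review aid, not a sandbox: it catches the common shapes of implicit installs and writes, and anything it flags still has to be read in context before the script is run.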

Vague Triggers

Severity: Medium
Confidence: 87%
Finding:
The activation conditions are broad enough to trigger on routine development activities such as starting a feature, reviewing PRs, or managing workflows, which can cause the skill to engage in many contexts by default. When a skill has shell and file-write guidance, over-broad triggering increases the chance of unintended execution of setup or validation steps in projects where the user did not specifically request this behavior.

VirusTotal

0/66 vendors flagged this skill; all 66 engines reported it clean. A VirusTotal verdict reflects antivirus signature and reputation checks on the uploaded file and does not evaluate the behavioural findings above (undeclared capabilities, implicit dependency installs, broad triggers).
