Inheritance Mapping Selector
Security checks across malware telemetry and agentic risk
Overview
Most of the ClawHub and Convex skill bundle is coherent, but a bundled review helper gives a nested agent full local authority by default, so it should be reviewed before installation.
Install only if you trust the publisher and intend to use these skills for ClawHub or Convex maintenance. Before running autoreview, prefer --no-yolo or AUTOREVIEW_YOLO=0 unless you deliberately want a nested agent with full local access, and review moderation, PR publishing, auth, and migration commands before approving them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.