深度话题调研工作流
Security checks across malware telemetry and agentic risk
Overview
The artifacts are coherent maintenance skills with disclosed ClawHub/Convex workflows; the sensitive commands are user-directed and gated by auth or confirmation.
Install only if you want ClawHub/Convex maintainer workflows. Be aware that the moderation skill can change live account and content state through authenticated APIs, and the autoreview helper may run local commands or send diffs to configured review CLIs; use it from a trusted checkout with credentials you intend to use.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
61/61 vendors flagged this skill as clean.