Back to skill

Security audit

ironclaw

Security checks across malware telemetry and agentic risk

Overview

Ironclaw is a disclosed remote safety-checking skill; the main caution is that content submitted for classification goes to Ironclaw.

Install only if you are comfortable sending selected text to Ironclaw for classification. Redact secrets, private conversations, proprietary data, and account details before submitting content; protect any Ironclaw API key; and continue manually reviewing future updates before replacing local skill files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The heartbeat instructs users to send a request using an Authorization bearer token formatted like a live credential (`ic_live_your_key_here`) without explicitly warning against pasting real secrets into untrusted environments, logs, transcripts, or shared terminals. In an agent-oriented skill, this is risky because users may follow the example verbatim in contexts where requests, prompts, or outputs are retained, increasing the chance of credential exposure or accidental outbound transmission.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs users to send arbitrary content to a third-party remote API for classification, but it does not provide a clear warning about privacy, retention, logging, or restrictions on sending secrets, personal data, or proprietary content. In a safety-focused skill, this is especially risky because users may submit sensitive prompts, messages, credentials, or files under the assumption that the tool is safe by design.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.