Clawise

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about its purpose, but it gives agents sensitive account, CAPTCHA, phone, inbox, and credential-vault capabilities without clear safety limits.

Install only if you intend to let an agent use Clawise as sensitive account infrastructure. Use a dedicated, least-privileged API key if available, require human approval for CAPTCHA solving, phone verification, account creation, and credential access, and confirm the provider offers audit logs, revocation, retention controls, and clear lawful-use boundaries.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill advertises handling highly sensitive assets including email inboxes, phone verification, CAPTCHA solving, passwords, TOTP secrets, API keys, and identity management, but provides no user-facing warnings about security boundaries, consent, lawful use, data minimization, or the risks of exposing credentials and verification channels. In this context, omission is dangerous because agents may be granted broad access to identity and account infrastructure without clear safeguards, increasing the likelihood of credential leakage, account takeover, unauthorized automation, or abuse of third-party services.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal