ClawHub
Back to skill

Security audit

SigmaLifting CLI

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill guides use of a SigmaLifting CLI and discloses local workout-program file changes, with no evidence of hidden or unrelated behavior.

Install this only if you intend to use SigmaLifting CLI workflows. Verify the upstream sigmalifting-cli repository before global installation, prefer a pinned trusted version, and use SIGMALIFTING_HOME or --store-root for a test or project-specific store before letting an agent modify real training program or workout-log data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.