Caid Multi Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only multi-agent coding workflow, but its instructions include destructive git cleanup and reset examples (`git reset --hard`, `rm -rf`) that users should run only after verifying the target worktree.

Install only if you want agents to coordinate coding through git branches and worktrees. Before use, confirm the agent may create/delete worktrees, commit/merge/push branches, install dependencies, run tests, and spawn subagents. Require `git status`, path verification, and preferably a safer cleanup flow before any `git reset --hard` or `rm -rf` command.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings (Medium, 96% confidence)

Finding: The skill instructs engineers to run `git reset --hard origin/main` to synchronize worktrees, which irreversibly discards uncommitted local changes. In a multi-agent workflow with autonomous execution, this can silently destroy in-progress work or user modifications if the workspace path or branch state is wrong.

Missing User Warnings (Medium, 97% confidence)

Finding: The cleanup instructions include `rm -rf ../workspace-engineer-1` without safeguards or user confirmation. Recursive deletion is irreversible and, if variables or paths are miscomputed in an agent-driven environment, can delete unintended directories outside the repository.

Missing User Warnings (Medium, 89% confidence)

Finding: The example includes destructive cleanup steps that delete a path outside the current repository workspace using `rm -rf ../workspace-engineer-1` without any guardrails, path validation, or confirmation. In an agent skill context, operators or agents may copy these commands verbatim, and a mis-resolved relative path or variable substitution error could cause unintended data loss on sibling directories.

VirusTotal

66/66 vendors flagged this skill as clean.