open ai api
Security checks across malware telemetry and agentic risk
Overview
This ClawHub skill bundle is purpose-aligned and disclosed, with some powerful maintainer and moderation actions that users should run deliberately.
Install only if you expect ClawHub maintainer or Convex development workflows. Treat the moderation and PR-maintainer skills as privileged operational tools: confirm targets and reasons before writes, verify auth context, and avoid sending private diffs to fallback review providers unless that is acceptable for your project.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.