ClawHub

Semantic Shield

Security checks across malware telemetry and agentic risk

Overview

Semantic Shield is a disclosed API-only skill for checking AI skill safety, with no evidence of hidden execution, local data access, or exfiltration.

Install this if you want a third-party advisory service for AI skill safety checks. Use a revocable API key, monitor lookup/inquiry quota, submit only public skill identifiers or URLs, and avoid relying on a single safety score as the only basis for installing high-impact tools.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Scope Creep

Low
Category
Excessive Agency
Content
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
Confidence
70% confidence
Finding
NOT LIMITED TO

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal