Skylv Multi Agent Orchestrator

Security checks across malware telemetry and agentic risk

Overview

This is a coherent instruction-only multi-agent design skill, but its example code would send prompts and context to OpenAI if copied into a real system.

Safe to install as a design/reference skill. Before turning the examples into working code, confirm where LLM requests are sent, use a least-privilege API key, redact sensitive prompts and memory, set retention rules, and add validation/access controls around agent messages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Severity: Medium
Confidence: 91%
Finding: The example agent implementation performs a real outbound call to an external LLM API and uses an environment-sourced bearer token, even though the skill is presented as an orchestration/design guide rather than a narrowly scoped API-integration skill. This creates a genuine data exposure risk because task descriptions, memory-derived context, and tool metadata are transmitted off-system without any documented consent, minimization, or trust-boundary discussion.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The sample code sends task content, accumulated context, and tool definitions to an external API, but the markdown does not warn users that potentially sensitive workflow data leaves the local environment. In a multi-agent orchestration setting, that context may contain prior agent outputs, internal planning data, or user-provided secrets, so the omission of disclosure increases the chance of unintended exfiltration.

Missing User Warnings

Severity: Low
Confidence: 85%
Finding: The documentation reads an API credential from an environment variable without warning users that a valid secret must be provisioned and protected. While environment variables are common, presenting this silently in a skill can normalize unsafe secret handling and lead to accidental exposure through logs, shared shells, or misconfigured runtime environments.

VirusTotal

65/65 vendors flagged this skill as clean.