ClawHub
Back to skill

Security audit

Token Optimizer 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This looks like a troubleshooting workflow skill, but it includes unsafe process-kill guidance and shell-interpolated diagnostic code without enough guardrails.

Review before installing. Use it only if you are comfortable with the agent inspecting local ports, processes, files, and logs, and require explicit approval before any stop, kill, restart, or cleanup command. Verify the exact process ID, executable path, and ownership before terminating anything.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The PreChecker executes OS commands via execSync using interpolated inputs for port and processName, and includes process enumeration logic that exceeds simple token/workflow tracking. In a skill context, this expands the attack surface: if untrusted input reaches these methods, it can enable command injection or unauthorized host reconnaissance.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill recommends forceful process termination commands such as Stop-Process -Force without warnings, confirmation requirements, or guidance on verifying the target. In an agent-assisted environment, users may copy or automate these commands blindly, causing unintended termination of unrelated applications, data loss, or service disruption.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The appendix lists force-kill commands in a quick-reference section, which increases the chance they are used out of context and without understanding side effects. This is risky in troubleshooting workflows because concise command snippets are often copied directly into terminals, potentially disrupting active workloads.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal