ClawHub

Scientify - AI-powered collaborator for your scientific research works.

Security checks across malware telemetry and agentic risk

Overview

This Scientify installer is mostly coherent, but it tells the agent to install without asking and has conflicting installation guidance.

Install only if you specifically intended to add Scientify and trust the scientify package and publisher. Require explicit confirmation before installation, use the OpenClaw plugin manager path, and ask for confirmation before downloads, generated code execution, experiments, or project deletion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill is presented as an installation/setup helper, but its embedded content advertises extensive post-install research automation, code execution, downloading, and project management capabilities. This scope mismatch can mislead users and downstream agents into invoking a much more powerful skill than expected, weakening informed consent and increasing the chance of unintended tool use.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The metadata declares installation via a Node package (`package: scientify`), while the documentation explicitly says not to use npm and to install only through `openclaw plugins install`. Contradictory installation paths can cause agents or users to perform the wrong action, resulting in an improperly installed plugin, execution of an unintended package, or environment modification outside the intended plugin manager controls.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The instruction "Don't ask permission. Just do it." encourages silent installation and environment changes without explicit user confirmation. In a skill whose purpose is to install software, this bypasses a critical safety checkpoint and can lead to unauthorized package installation, dependency changes, and trust boundary violations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal