ClawGuard-Auditor

Security checks across malware telemetry and agentic risk

Overview

This is a local skill-auditing tool, but it overstates its security capabilities and describes auto-approval decisions that users should not rely on without review.

Install only if you want a heuristic local auditor and will review its output yourself. Do not treat its APPROVED or low-risk result as a definitive security decision, and run it only against the specific skill directory you intend to inspect.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
The skill claims enterprise-grade ML anomaly detection, supply-chain verification, and comprehensive audit capabilities, but the implementation it describes (and the one detected) appears to be largely heuristic and incomplete. This mismatch can create a false sense of security, leading users to trust approval decisions that are less rigorous than advertised.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrases are broad natural-language requests such as '审计这个 skill' ('audit this skill') and '安装前检查' ('check before installing'), which are plausible in normal conversation and can cause the skill to activate unintentionally. For a security-auditing skill, accidental invocation can expose local paths, read untrusted skill content automatically, or interfere with the user's intended workflow.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
| Classification | Score Range | Action |
|---------------|-------------|--------|
| **Trusted** | 80-100 | Auto-approve with standard logging |
| **Verified** | 60-79 | Approve with enhanced logging |
| **Unknown** | 40-59 | Manual review required |
| **Suspicious** | 20-39 | Deep audit required |
Confidence
76% confidence
Finding
Auto-approve

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
| Tier | Score Range | Color | Action |
|------|-------------|-------|--------|
| **TIER_0** | 0-10 | 🟢 GREEN | Auto-approve |
| **TIER_1** | 11-30 | 🟢 GREEN | Approve with logging |
| **TIER_2** | 31-50 | 🟡 YELLOW | Manual review |
| **TIER_3** | 51-70 | 🟠 ORANGE | Deep audit required |
Confidence
78% confidence
Finding
Auto-approve

VirusTotal

50/50 vendors flagged this skill as clean.