ClawGuard-Guardian

Security checks across malware telemetry and agentic risk

Overview

This appears to be a local security/audit tool, but it overstates its protection and stores/replays operational logs with weak user controls.

Install only if you understand this is a local audit/replay helper, not a proven enforcement layer. Verify or remove the missing shared rules dependency, invoke it with explicit clawguard-guardian commands, and treat ~/.clawguard/logs/ plus any replay/export output as sensitive data that may need manual cleanup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Vague Triggers

Low
Confidence
76% confidence
Finding
The README says the agent will auto-read and execute the skill for broad natural-language requests such as asking to enable guardian mode, which expands activation beyond the explicit trigger list. In an agent setting, imprecise trigger language can cause unintended invocation of monitoring, logging, freeze, or replay behaviors without sufficiently clear user intent.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README advertises audit logging and session replay, including storage under ~/.clawguard/logs/, but does not clearly warn users that command and file activity may be recorded and retained locally. This creates a privacy and sensitive-data exposure risk because transcripts, paths, and potentially secrets accessed during sessions could be stored and later replayed.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The skill uses broad activation conditions such as 'show status', 'show logs', and 'start monitoring', which are common phrases that can appear in normal conversation. In an agent environment, this can trigger the skill unexpectedly and cause monitoring, logging, freezing, or replay behaviors to activate without sufficiently explicit user consent.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill description advertises monitoring, replay, and logging, but it does not clearly warn users that sensitive commands, file paths, and network activity may be captured and retained in logs. This creates privacy and data-handling risk because users may invoke the skill without understanding that audit artifacts and potentially sensitive operational metadata will be stored.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
**Requires confirmation**:
```
rm -rf           # broad recursive deletion
chmod 777        # overly permissive mode
killall          # bulk process termination
shutdown         # system shutdown
```
Confidence
73% confidence
Finding
chmod 777

VirusTotal

61/61 vendors flagged this skill as clean.
