Security audit

Claude Code Controller

Security checks across malware telemetry and agentic risk

Overview

This skill is for launching Claude Code, but it repeatedly tells agents to run it with permission checks bypassed, including in background and parallel sessions.

Review carefully before installing. Use this only if you intentionally want an agent to launch Claude Code on your projects; prefer normal permission modes, avoid sensitive repositories or directories, explicitly approve background or parallel runs, and monitor or stop sessions when complete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium (96% confidence)
Finding
The skill repeatedly recommends `--permission-mode bypassPermissions` while simultaneously claiming not to grant full permissions, which is contradictory and normalizes running an AI coding tool with guardrails disabled. In this skill's context—automating code changes, background execution, and parallel tasks—this substantially increases the chance of unauthorized file modification, secret exposure, or destructive actions without meaningful user approval.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.