ClawHub
Back to skill

Security audit

icosmos Amazon

Security checks across malware telemetry and agentic risk

Overview

The skill artifacts are coherent development and moderation helpers with disclosed commands and user-control guardrails.

Install only if you intend to give the agent repo-maintenance authority. Use the moderation skill only with the right ClawHub staff credentials, review exact write commands before approving them, and consider using the autoreview helper's no-yolo option if full-access nested review is not acceptable in your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal