Security audit

Claude Code Sdk

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Claude Code wrapper, but it broadly instructs agents to delegate nearly all coding work to an external agent with file editing and shell authority.

Install only if you intentionally want coding tasks delegated to Claude Code with permission to read, edit, write files, run shell commands, and use project/user Claude settings. Use it in a controlled project directory under version control, avoid sensitive repositories unless external Claude Code processing is allowed, start fresh sessions for unrelated work, and treat --log-file as sensitive because it may store code, prompts, or other confidential output.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description says it should be preferred for any code-programming-related problem, which is an overly broad routing rule for a powerful external coding agent. This can cause unnecessary delegation of diverse development tasks to an autonomous tool, increasing the chance of unsafe code changes, over-collection of context, or bypassing safer, task-specific skills and human review.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dangerous_exec

Shell command execution detected (child_process).

Critical

Code: suspicious.dangerous_exec
Location: scripts/run_claude.mjs:10