Claw Doctor

Security checks across malware telemetry and agentic risk

Overview

This troubleshooting skill is mostly coherent, but it gives unsafe credential-handling instructions that could expose API keys.

Review the commands before using this skill. Do not let it print API keys or store secrets in shell startup files; use existence, permissions, non-empty file checks, or a service validation command instead. Approve package installs, chmod changes, and skill-copy operations one at a time.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly instructs the operator to inspect the secrets directory and read part of a key file using `cat ... | head -c 20` without any privacy warning, masking, or guidance to avoid exposing credentials in chat logs, terminal history, screenshots, or agent output. Even partial API keys are sensitive and can aid credential identification, correlation, or accidental disclosure, especially in an LLM-assisted troubleshooting workflow where command output may be echoed back.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal