SocialClaw CLI
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed wrapper for a Social Flow CLI that can operate Meta accounts, with clear confirmation gates for risky actions and no evidence of hidden behavior in the skill artifacts.
Install this only if you trust the Social Flow npm package and intend to let it work with your Meta assets. Before approving commands, verify the active profile, workspace, page, ad account, WhatsApp account, recipients, and budgets; prefer read-only or plan-only commands first and keep Gateway or Studio bound to localhost with API-key protection when available.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.