Production Readiness
Security checks across malware telemetry and agentic risk
Overview
This is a markdown-only production readiness checklist and orchestrator with no evidence of hidden code, persistence, exfiltration, or destructive behavior.
Reasonable to install if you want a production readiness review workflow. Prefer the ClawHub install path, inspect or pin the GitHub source if installing from the branch URL, and review any delegated skills or agents before giving them sensitive project context.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.