
Security audit

clawlite-ceo-review

Security checks across malware telemetry and agentic risk

Overview

This is a read-only strategic review skill. Its repository inspection is disclosed and consistent with reviewing software plans, and there is no evidence of hidden execution, credential use, persistence, or exfiltration.

Install this if you are comfortable with the agent reading local Git history, diff summaries, TODO/FIXME file matches, CLAUDE.md, TODOS.md, and architecture or design documents in the repository being reviewed. Run it only from the project you intend to review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 95%

Finding
The skill claims to perform strategic plan review, but it instructs the agent to run repository-wide audit commands and read multiple project files before beginning. This expands data access beyond what the stated task requires, unnecessarily exposing commit history, the file inventory, TODOs, and design documents that may contain sensitive information.

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.