Back to skill

Security audit

ClawSkillGuard

Security checks across malware telemetry and agentic risk

Overview

ClawSkillGuard is a local, user-directed skill scanner with auditability limitations but no evidence of hidden network access, data theft, persistence, or destructive behavior.

Reasonable to install if you want a lightweight local scanner, but treat its results as advisory. It uses pattern matching, skips scanning itself when the target directory is named clawskillguard, and stores signatures in base64, so review important skills manually or with another scanner when stakes are high.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Low
Confidence
87% confidence
Finding
The comment explicitly says patterns are base64-encoded to avoid self-detection by naive scanners, and the code also skips scanning the tool's own skill directory. While likely intended to reduce noisy self-matches, this combination creates an audit blind spot and signals deliberate scanner evasion behavior, which is risky in a security tool because it can hide malicious additions in the scanner itself.

Ssd 2

Medium
Confidence
92% confidence
Finding
Encoding detection signatures specifically to avoid self-detection by naive scanners is a form of obfuscation that reduces transparency and complicates independent review. In a security scanner, hidden signatures are especially concerning because they can mask intent, frustrate auditing, and normalize anti-analysis techniques that are also used by malicious tools.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.