ClawHub
Back to skill

Security audit

Read Only Workspace Audit

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a read-only academic workspace auditing helper with no validated signs of data theft, destructive behavior, or hidden privilege use.

Install only for workspaces you are allowed to audit, especially if they contain academic or student-related information. Keep the campus-copilot tooling scoped to the intended workspace and confirm it remains read-only during use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

No VirusTotal findings

View on VirusTotal