ClawHub
Back to skill

Security audit

Casdoor-api-assistant

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only helper for Casdoor APIs; it contains no runnable code, but generated examples may involve real credentials or data-changing endpoints.

Reasonable to install as a Casdoor API reference assistant. Before using generated requests, verify the Casdoor host, tenant, auth mode, and whether the endpoint mutates or deletes production data. Do not paste real access tokens, client secrets, passwords, payment data, or production user data into prompts unless you are intentionally working in a secure environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal