
Security audit

Skill Port

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent auditing and porting helper that uses local inspection and staged output, with explicit safety limits against installing, running source code, or writing to agent install directories by default.

Install this if you want an agent-assisted skill auditing and porting workflow. Use audit-only mode for untrusted sources, review reports before porting, and approve remote cloning, source-script execution, package installation, or installation into global agent directories only when you specifically intend those actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill instructs use of local scripts, file staging/writes, and potentially remote fetch/clone operations, which imply shell, file, environment, and network capabilities, yet it declares no permissions or capability constraints. This creates a trust and transparency gap: a user or runtime may not realize the skill can drive sensitive operations, increasing the risk of unintended file modification, command execution, or network access during auditing/porting workflows.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill enables implicit invocation without any visible trigger constraints, so the host agent may activate this skill in situations broader than intended. Because this skill is designed to audit and port other agent skills, unintended activation could cause sensitive repository content or untrusted plugin material to be processed automatically, increasing the chance of unsafe actions or overbroad access.
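The two findings above are the same kind of check: compare what a skill's instructions imply it will do against what it declares. The following is an added example, not code from the audit page, the Skill Port skill, or SkillSpector, showing how an under-declared-capability and vague-trigger check can be written over a skill manifest. The manifest shape (instructions, permissions, triggers), the capability regexes, and the sample manifests are all constructed assumptions for illustration; the real scanner's logic and the real skill's manifest format are not shown on this page.

```python
"""Added example: minimal under-declared-capability and vague-trigger checks.

Assumptions (hypothetical, not the real skill or scanner format): a manifest is
a dict with 'instructions' (free text), 'permissions' (declared capability
names) and 'triggers' (phrases that may invoke the skill).
"""
import re

# Heuristic patterns mapping instruction text to the capability it implies.
# Constructed for this example; a real scanner would use a richer ruleset.
CAPABILITY_PATTERNS = {
    "shell": re.compile(r"\b(run|execute)\b.*\b(script|command)\b", re.I),
    "file": re.compile(r"\b(write|stage|copy|install)\b.*\b(file|director|output)", re.I),
    "network": re.compile(r"\b(fetch|clone|download|curl|wget|https?://)", re.I),
    "env": re.compile(r"environment variable|os\.environ|\$[A-Z_]{2,}", re.I),
}


def implied_capabilities(text):
    """Capabilities the instruction text implies the skill will exercise."""
    return sorted(cap for cap, pat in CAPABILITY_PATTERNS.items() if pat.search(text))


def underdeclared(manifest):
    """Capabilities implied by the instructions but absent from 'permissions'."""
    declared = set(manifest.get("permissions", []))
    return [c for c in implied_capabilities(manifest.get("instructions", "")) if c not in declared]


def vague_triggers(manifest):
    """Trigger problems: none declared (implicit invocation) or wildcard/one-word triggers."""
    triggers = manifest.get("triggers") or []
    if not triggers:
        return ["no trigger constraints declared (implicit invocation)"]
    issues = []
    for t in triggers:
        if t.strip() in ("", "*") or len(t.split()) < 2:
            issues.append(f"overly broad trigger: {t!r}")
    return issues


def audit(manifest):
    """Run both checks and return findings as (category, detail) pairs."""
    findings = []
    missing = underdeclared(manifest)
    if missing:
        findings.append(("MCP Least Privilege", "implied but undeclared: " + ", ".join(missing)))
    for issue in vague_triggers(manifest):
        findings.append(("Vague Triggers", issue))
    return findings


# Constructed sample manifests (not the real Skill Port manifest).
INSTRUCTIONS = (
    "Run the local audit script against the target skill, stage the report in "
    "the output directory, clone the remote repository if the user approves, and "
    "read the GITHUB_TOKEN environment variable for authenticated access."
)
UNDECLARED_SKILL = {"instructions": INSTRUCTIONS, "permissions": [], "triggers": []}
DECLARED_SKILL = {
    "instructions": INSTRUCTIONS,
    "permissions": ["env", "file", "network", "shell"],
    "triggers": ["audit this skill", "port this skill"],
}

if __name__ == "__main__":
    for name, m in (("undeclared", UNDECLARED_SKILL), ("declared", DECLARED_SKILL)):
        print(name, audit(m))
```

The first manifest reproduces both findings on this page: every capability the text implies is undeclared, and with no triggers the host agent could invoke the skill implicitly. The second manifest, with the same instructions but explicit permissions and multi-word triggers, produces no findings, which is the shape a reviewer should expect a skill to take before approving it for anything beyond audit-only use.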

VirusTotal

66/66 vendors reported this skill as clean (no detections).


Static analysis

No suspicious patterns detected.