ClawPlanOps

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is a coherent project-planning helper with expected calendar and progress-check behavior, but users should scope file scans and calendar output paths carefully.

Before installing, understand that progress checks may read files and Git history in the project path you provide. Use a narrow project folder, exclude sensitive directories where possible, and review the calendar output path or macOS Calendar import before allowing writes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence: 91%
Finding
The skill’s main workflow directs the agent to generate an ICS calendar file and even accepts an arbitrary output_path, but it does not require explicit user confirmation before creating or overwriting files. In an agent setting, silent filesystem writes can surprise users, overwrite existing data, or be abused to place files in unintended locations if paths are influenced by user input.

Missing User Warnings

Low
Confidence: 95%
Finding
The progress-check flow instructs scanning project files and Git evidence without an explicit warning that the tool will read repository contents and history. This can expose sensitive source code, secrets in files, commit metadata, or unrelated private material if the user points the tool at a broad directory.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

65/65 vendors flagged this skill as clean.
