Back to skill

Security audit

IELTS Grading Skill

Security checks across malware telemetry and agentic risk

Overview

The skill bundle is mostly coherent for ClawHub and Convex maintenance, but it includes a review helper that defaults to full-access nested agents and fallback LLM reviewers, so users should review it before installing.

Install only if you are comfortable with repo-maintenance skills that can run powerful local and cloud CLIs. Pay particular attention to the autoreview helper: consider using its no-yolo or no-fallback options unless you explicitly want nested full-access review agents or external LLM reviewers to receive code diffs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.