Security audit

pangea-prototype

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local Vue prototype generator that creates a demo workspace, installs normal frontend dependencies, and starts a local dev server.

Install this only if you want a skill that can create or update a local prototype folder, run npm install, and start a local Vite server. Use a throwaway or clearly chosen target directory, and treat the npm dependencies with normal supply-chain caution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

High
Confidence: 95%
Finding
The skill’s trigger conditions are extremely broad, including common phrases and a catch-all for nearly any request to build a page or demo. This creates a high risk of unintended activation, causing the agent to generate files and potentially run setup commands in contexts where the user did not explicitly consent to those side effects.

Missing User Warnings

Medium
Confidence: 94%
Finding
The document instructs the agent to initialize a workspace and automatically start a dev server, but it does not require clear user-facing notice or approval before performing those actions. Because these actions modify the filesystem and spawn processes, silent execution can violate user expectations and create operational or security risk on the host environment.

Missing User Warnings

Medium
Confidence: 93%
Finding
Defaulting output to a hidden directory and allowing script execution plus npm install without prominent warning reduces transparency around persistent changes and third-party code execution. Even if intended for convenience, this can hide artifacts from users and increase the chance of unreviewed dependency installation or workspace modification.

VirusTotal

67/67 vendors flagged this skill as clean.