Chinadrugtrials Query
Security checks across malware telemetry and agentic risk
Overview
The artifact is a coherent ClawHub/Convex maintainer skill bundle with disclosed powerful workflows and no evidence of hidden exfiltration, persistence, or destructive behavior.
Install this only where ClawHub maintainer, Convex, GitHub, and code-review automation are appropriate. Before using moderation, production migration, proof publishing, or autoreview fallback features, confirm the target, review what data or diffs may be sent to external tools, and use AUTOREVIEW_YOLO=0 or --no-yolo if you do not want nested Codex full-access review.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.