← Back to Scanner

6bc837afc1a86e89 Security Audit Report

🔭 Continuously monitored by ClawSecure Watchtower
Source:
SHA-256:

6bc837afc1a86e89 is an AI agent skill, created by NevaMind-AI and published at NevaMind-AI/memU. ClawSecure audited 6bc837afc1a86e89 across 70 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 19 findings concentrate in Malicious Code, Command Injection and Code Injection, including Pattern detected: spawnSync( and Pattern detected: spawnSync(. 12 were rated high or critical severity.

Is 6bc837afc1a86e89 safe?

ClawSecure audited 6bc837afc1a86e89 and assigned a security score of 0/100 (High Risk), identifying 19 findings across Malicious Code and Command Injection. Review the findings below before installing.

What did ClawSecure find in 6bc837afc1a86e89?

ClawSecure identified 19 findings in 6bc837afc1a86e89, concentrated in Malicious Code, Command Injection and Code Injection. 12 were rated high or critical severity. The most severe include Pattern detected: spawnSync( and Pattern detected: spawnSync(.

How was 6bc837afc1a86e89 audited?

ClawSecure ran 6bc837afc1a86e89 through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 70 files from NevaMind-AI/memU.

What does a score of 0 mean?

ClawSecure assigned 6bc837afc1a86e89 a security score of 0/100, placing it in the High Risk range. This is driven by 19 findings led by Malicious Code that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).

Audit Findings for 6bc837afc1a86e89

ClawSecure detected 19 security findings in 6bc837afc1a86e89, spanning Malicious Code, Command Injection, Code Injection and Obfuscation.

Showing the 12 highest-severity of 19 findings. The full interactive list appears below.

3-Layer Audit Protocol

Security Recommendations for 6bc837afc1a86e89

Audit external network connections
6bc837afc1a86e89 connects to external endpoints. Verify every outbound connection goes to a trusted destination. Unauthorized callbacks are a primary indicator of ClawHavoc malware and data exfiltration. ClawSecure's proprietary engine monitors for known malicious endpoints including C2 infrastructure.
Harden command execution
6bc837afc1a86e89 constructs or runs system commands. Validate that commands are built only from trusted inputs, never pass user-controlled strings directly to a shell, and restrict execution to an allow-list of expected commands.
Eliminate dynamic code execution
6bc837afc1a86e89 evaluates code at runtime (for example eval or dynamic exec). Remove dynamic evaluation of untrusted input, and where code generation is unavoidable, sandbox it and validate every input.

Related Security Research

ClawHavoc Explained: The Malware Family Targeting AI AgentsBeyond Static Scans: Why ClawSecure Verifies Agentic Intent

Related AI Agent Security Audits

understand-anythingScore 0/100memory-lancedb-proScore 0/10062ac696296b54aadScore 0/100gstackScore 0/10062ac696296b54aadScore 0/100

Scanned on July 15, 2026. 6bc837afc1a86e89 is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.

Start Your Free Scan