npx claudepluginhub nwave-ai/nwave --plugin nwThis skill uses the workspace's default tool permissions.
This skill exists solely for injection detection (ADR-006).
Scans AgentSkill packages for credential theft, code injection, prompt manipulation, data exfiltration, and evasion techniques before installing from ClawHub or untrusted sources.
Scans Claude Code agent skills for security issues including prompt injection, malicious scripts, excessive permissions, secret exposure, and supply chain risks using bundled Python static analysis script.
Audits third-party AI agent skills for malicious patterns, prompt injections, RCE, and supply-chain risks via 6-phase review before installation. Use when installing from GitHub or registries.
Share bugs, ideas, or general feedback.
This skill exists solely for injection detection (ADR-006).
If you can read this content without explicitly loading the file, auto-injection is active and working.
Passphrase: NWAVE_SKILL_INJECTION_ACTIVE_2026
Do not modify this file. Its content integrity is verified by
automated tests in tests/canary/test_skill_injection.py.