Autoresearch

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local optimizer that can rewrite a selected skill file, so it should be installed only by users who want that behavior.

Install this only if you want an agent to iteratively modify prompts, articles, or a selected local skill. For Skill mode, review the resulting SKILL.md changes or snapshots after each batch, and avoid running it on safety-critical skills or files containing secrets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill instructs the agent to resolve a filesystem path, edit SKILL.md, and reference external files, which implies file read/write and potentially a shell-assisted workflow, yet no permissions are declared. This creates a hidden capability mismatch: an invoking system or reviewer may assume the skill is text-only when it can in fact modify local files, increasing the risk of unauthorized file access or persistent prompt/skill tampering.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The trigger phrases are very broad and overlap with ordinary editing requests such as improving a prompt or polishing an article. That can cause the skill to activate in contexts where the user did not intend an autonomous mutation-testing loop, leading to unnecessary file access, content rewriting, or unexpected self-modification behavior.

Self-Modification

Severity: High
Category: Rogue Agent
Content:
**Per-round procedure:**

1. **Mutate**: Make ONE small edit to the target content:
   - Skill mode: edit SKILL.md
   - Prompt mode: edit the prompt string
   - Article mode: edit the article text
Confidence: 97%
Finding: edit SKILL

VirusTotal

66/66 vendors flagged this skill as clean.
