ClawHub

Sales Dialogue

Security checks across malware telemetry and agentic risk

Overview

This is a text-only sales guidance skill with broad input requests, so it should be used with redacted business context rather than sensitive documents.

Install only if you want a broad sales writing and recommendation aid. Provide the minimum context needed, redact customer data, contracts, credentials, pricing strategy, regulated information, and internal plans, and have a qualified person review any legal, compliance, financial, or strategic recommendations before acting on them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill’s invocation guidance is generic and encourages users to paste broad business context, data, or requirements without defining clear boundaries on when the skill should be used or what data types are appropriate. In practice, this increases the chance that users will provide confidential internal information, customer data, or regulated business material to a skill that is framed as broadly applicable across many business scenarios.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly asks users to copy and paste business context, data, and documents, but provides no warning against sharing sensitive, confidential, regulated, or personal information. Because the skill is positioned for enterprise, SMB, vendor, and cross-functional use, users may reasonably submit pricing, customer lists, contract terms, competitive intelligence, or regulated records, creating a meaningful data-exposure and compliance risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal