ClawHub

Business Continuity Planner

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward business continuity planning helper, with sensitive inputs that are expected for its purpose but should be handled carefully.

Install is reasonable if you want help drafting a BCP/DR plan. Treat the generated plan and inputs as sensitive business information, avoid entering credentials or unnecessary personal phone numbers, and only run any DR or failover testing through your normal change-control and approval process.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly instructs users to assemble sensitive operational details such as critical systems, vendors, escalation paths, and contact trees, but provides no warning to minimize, redact, or carefully handle this information. In an agent context, collecting concentrated business continuity and recovery data can expose a high-value operational blueprint if the content is logged, shared with third parties, or later misused.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill recommends simulation and full DR failover testing as general practice without emphasizing change control, maintenance windows, rollback plans, stakeholder approval, or production-safety constraints. In practice, an agent-generated recommendation to invoke recovery procedures can contribute to service disruption, data inconsistency, or accidental outages if followed naively.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal