ClawHub

Crisis Management & Communications Playbook

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only crisis response playbook that gives high-stakes advice but does not install code, access accounts, or act on its own.

Install as a planning aid, not as a substitute for professional crisis response. Have qualified legal, security, HR, privacy, and communications staff review any real-world statements, regulatory notifications, employee monitoring, legal holds, or public actions before acting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The README says users can 'just describe your situation' and that the agent will 'immediately' perform a broad set of crisis-management actions. Without explicit activation boundaries, this skill could engage on ordinary discussion, hypothetical examples, or incomplete user context, causing the agent to generate sensitive legal, regulatory, or incident-response guidance when it was not clearly requested.

Vague Triggers

Medium
Confidence
87% confidence
Finding
Claiming users can 'just ask in plain English' makes activation semantics overly permissive and ambiguous. In a crisis-management context, broad natural-language triggering increases the chance the skill will respond to casual mentions of incidents, roleplay, or third-party scenarios as if they were real emergencies, potentially producing inappropriate or overconfident response instructions.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The playbook explicitly recommends monitoring employee chatter, internal Slack sentiment, Glassdoor trends, and unusual access patterns without any accompanying privacy, labor, or governance safeguards. In a crisis-management skill, this can normalize invasive employee surveillance and lead users to collect or analyze protected internal communications in ways that violate privacy laws, workplace policies, or whistleblower protections.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal