ClawHub

Cybersecurity Engine

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only cybersecurity reference whose dual-use testing guidance is disclosed and aligned with its purpose, with no bundled code or hidden execution behavior.

Safe to install as a reference skill, but use it only for systems you own or are explicitly authorized to assess. Define the target and scope before asking for audits, hardening, or penetration-testing methodology, and avoid applying the guidance to third-party systems without permission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill description is extremely broad and can activate for a wide range of generic security-related requests, including sensitive guidance such as penetration testing, incident response, and security program design. Overbroad activation increases the chance the skill is invoked outside intended scope, causing inappropriate or risky security advice to be surfaced in contexts where authorization, target ownership, or user intent are unclear.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The natural-language trigger phrases are broad and map short user prompts directly to powerful security workflows like auditing, pentesting methodology, hardening, and threat modeling without guardrails. In practice this can over-trigger the skill on ambiguous requests and normalize delivery of dual-use security content before confirming scope, permissions, or defensive intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal