sop-factory

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward SOP-drafting helper with no evidence of hidden networking, credential access, or unsafe persistence.

Reasonable to install for SOP drafting. Use explicit prompts when invoking it, review drafts before treating them as official procedure, and run the helper only with an output filename you are comfortable creating or overwriting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger examples include generic phrases such as '做 SOP', '流程文档化', and '交接文档' that can plausibly appear in ordinary user conversation, increasing the chance the skill is invoked when the user did not explicitly intend to use it. Unintended activation can cause the agent to apply the skill’s workflow, reframe the task, or suggest file-processing actions in contexts where a simpler or safer response was expected.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger phrase "turn this workflow into an SOP" is broad enough to match ordinary conversation and may activate the skill in contexts where the user did not intend specialized SOP generation. Over-broad activation can cause unintended tool/script use, irrelevant file generation, or overshadow safer/more appropriate skills, especially because this skill can use bundled scripts and resources.

Vague Triggers

Medium
Confidence: 93%
Finding
The collection of trigger phrases is ambiguous because it lacks boundaries, opt-in language, and negative examples distinguishing casual discussion of workflows from explicit requests to invoke the skill. This increases the chance of accidental activation and context hijacking, which is more concerning here because the skill can structure outputs and invoke a local script to generate artifacts.

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger phrase "做 SOP" is very broad and can match ordinary user language rather than a clearly scoped skill invocation. This increases the chance of accidental activation or routing to the skill in contexts where the user did not intend structured SOP generation, which can cause confusion, misfires, or unintended handling of sensitive workflow content.

Vague Triggers

Medium
Confidence: 91%
Finding
Phrases like "turn this workflow into an SOP," "流程文档化," and "标准作业流程" are semantically broad and overlap with common requests for documentation help. Ambiguous triggers make the skill easier to invoke unintentionally and can cause inappropriate routing, especially in multilingual environments where generic phrasing is common.

VirusTotal

65/65 vendors flagged this skill as clean.