ClawHub

Quick Draft

Security checks across malware telemetry and agentic risk

Overview

This draft-writing skill has no executable code, but its instructions are cluttered with unrelated merged content and broad triggers that could make it activate in the wrong situations.

Install only if you are comfortable with a noisy prompt-only skill that may trigger too often. Prefer a cleaned version that keeps only the quick-draft instructions and removes the unrelated Bilibili learning blocks and synthetic trigger phrases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The skill advertises a quick email/message drafting function, but most of the file is filled with unrelated merged 'learning' content and stray triggers. This creates instruction drift and expands the skill's effective behavior in unpredictable ways, increasing the chance that the agent follows irrelevant or attacker-injected content instead of the declared purpose.

Vague Triggers

High
Confidence
95% confidence
Finding
Triggers like '草稿', '写邮件', '写消息', '帮我回复', and 'draft' are extremely broad and overlap with normal conversation. That makes the skill easy to activate unintentionally, causing it to intercept general user requests and potentially override more appropriate agent behavior.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The additional trigger block broadens activation to opaque merged identifiers and vague phrases such as '10160测试'. These ambiguous triggers make the skill callable in contexts unrelated to drafting, which increases confusion, accidental routing, and the risk of hidden behavior surviving through content merges.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal