Swe Bench A6e0fc

Security checks across malware telemetry and agentic risk

Overview

This skill appears non-destructive, but its topic and activation rules are too muddled and broad to install without review.

Install only if you intentionally want this mixed SWE-bench/AI-coding/ASPICE content and are comfortable with broad automatic activation. Prefer a revised version with one clear purpose, one constrained activation section, and unrelated duplicated material removed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding: The manifest advertises SWE-bench and AI coding comparison content, but the body is heavily polluted with unrelated duplicated ASPICE material and merged fragments. This mismatch can cause the agent to invoke the wrong skill, provide misleading assistance, or surface unintended behavior under an apparently legitimate topic label.

Vague Triggers

Medium
Confidence: 95%
Finding: The trigger phrase is extremely broad and includes common terms like "Claude" and "Code," which are likely to appear in ordinary conversation. This creates a high risk of accidental activation, causing the skill to override normal handling and inject irrelevant or unsafe instructions into unrelated user sessions.

Vague Triggers

Medium
Confidence: 94%
Finding: The activation conditions include vague phrases such as users saying "SWE-bench" or "Claude" and requesting related help, without any boundary on context or intent. In practice this can make the skill trigger during normal technical discussion, leading to unsolicited context switching and potentially misleading guidance drawn from noisy merged content.

Vague Triggers

Medium
Confidence: 93%
Finding: This repeated trigger block remains vague and broad, especially the condition that the user needs help "related" to the skill. Because the surrounding content is duplicated and partially unrelated, accidental activation here is more dangerous: the agent may pull in the wrong merged section and provide off-topic workflow/process material.

Vague Triggers

Medium
Confidence: 93%
Finding: Another duplicated broad trigger definition increases the chance of unintended activation and compounds ambiguity across merged sections. Repetition also makes maintenance harder, so future edits may narrow one block but leave another permissive block active, preserving the unsafe behavior.

Vague Triggers

Medium
Confidence: 93%
Finding: The final trigger block still lacks clear invocation boundaries and continues using broad, generic help language. Since the file contains multiple merged identities and duplicated content, this broad matching can cause persistent misrouting of user requests to the wrong skill behavior across several contexts.

VirusTotal

64/64 vendors flagged this skill as clean.
