Skill Creator 0.1.0

Security checks across malware telemetry and agentic risk

Overview

This is a coherent skill-building helper that creates and packages skill files when asked, with no evidence of hidden network, credential, persistence, or destructive behavior.

Install this if you want an agent to help build skill packages. Use it only on intended skill workspaces, review generated SKILL.md and bundled resources before packaging, and make sure the folder being packaged does not contain secrets or unrelated private files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill instructs the agent to read and write files, execute local scripts, and package artifacts, but no permissions are declared. That mismatch creates hidden capability expansion: a caller may invoke what appears to be a documentation skill, while the agent is actually guided to perform filesystem and shell actions with possible network-adjacent effects during script execution or dependency use.

Vague Triggers

Severity: Medium
Confidence: 82%
Finding: The description is broad enough to trigger whenever a user wants to create or update a skill, which can cause this powerful meta-skill to activate in many contexts. Because the body then recommends creating files, deleting example resources, and running scripts, over-broad activation increases the chance of unintended code execution or repository modification in conversations that only needed advice.

Self-Modification

Severity: High
Category: Rogue Agent
Content:
1. Understand the skill with concrete examples
2. Plan reusable skill contents (scripts, references, assets)
3. Initialize the skill (run init_skill.py)
4. Edit the skill (implement resources and write SKILL.md)
5. Package the skill (run package_skill.py)
6. Iterate based on real usage
Confidence: 90%
Finding: write SKILL

Self-Modification

Severity: High
Category: Rogue Agent
Content:
Any example files and directories not needed for the skill should be deleted. The initialization script creates example files in `scripts/`, `references/`, and `assets/` to demonstrate structure, but most skills won't need all of them.

#### Update SKILL.md

**Writing Guidelines:** Always use imperative/infinitive form.
Confidence: 88%
Finding: Update SKILL

VirusTotal

66/66 vendors flagged this skill as clean.