info-collector

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only public information gathering skill with broad but disclosed web-search behavior and no evidence of hidden execution or private data access.

Install this if you want a broad public-source monitoring assistant. Before relying on it, specify the topic, time window, language, allowed or excluded sources, and whether findings may be saved to memory; manually verify important source links for decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger conditions are extremely broad and can activate on ordinary research, news, or update requests without clear boundaries. This creates scope creep risk: the skill may be invoked unexpectedly, causing unintended browsing, data collection, and output shaping beyond what the user explicitly requested.

Vague Triggers

Medium
Confidence: 91%
Finding
The skill body instructs generic topic-based information collection with no concrete trigger constraints, reinforcing the risk that it will handle overly broad classes of user requests. In an agent setting, vague routing rules can cause unnecessary web access and make the assistant follow a more invasive workflow than needed.

Natural-Language Policy Violations

Medium
Confidence: 83%
Finding
Defaulting the output language to zh-CN without user opt-in can cause responses in an unexpected language, reducing transparency and potentially confusing users about what the agent is doing. While not directly a code-execution issue, it can undermine consent and usability, especially when the skill activates automatically.

VirusTotal

60/60 vendors flagged this skill as clean.
