ClawHub

Plan C

Security checks across malware telemetry and agentic risk

Overview

This planning helper is coherent and instruction-only, but it can read planning files and save updates back to the original document during deeper iteration.

Install this if you want an agent to continue from existing planning documents. Provide explicit file paths where possible, avoid sensitive planning files unless intended, and ask for a preview or diff before letting it update important documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes very broad everyday terms such as '查看', '总结', '状态', '概况', and '继续对话', which can cause the skill to enter load/overview mode on ambiguous user input. In a file-oriented skill, overly permissive routing increases the chance of unintended file access or disclosure of planning content when the user did not clearly authorize loading a specific document.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The instruction to 'read the most recently referenced planning file' when no path is provided is underspecified and creates an implicit context-loading behavior. This can expose stale, unrelated, or sensitive planning documents across turns, especially if the conversation context contains multiple candidate files or references from prior work.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states it will update and save changes back to the original planning file, but it does not clearly disclose this to the user at the point of use or require confirmation before modifying the source document. Silent write-back in a planning workflow risks unintended data loss, corruption of canonical plans, and unauthorized modification of important project artifacts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal