Council of Wisdom

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is not malicious, but it needs review because it can silently route broad user requests to other workspace skills without clear limits or consent gates.

Install only if you trust the other skills and agents in your workspace. Prefer explicit use with the `council:` prefix, and avoid using it for sensitive or high-impact tasks unless you can see or restrict which downstream skills it calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

High
Confidence: 86%
Finding
Keywords such as "analyze" and "compare" are highly ambiguous and commonly appear in normal user requests, so they can spuriously activate the skill outside its intended scope. While this is not inherently code-execution dangerous, the risk is elevated here because the skill is an orchestration hub that can route into other workspace capabilities.

Vague Triggers

Medium
Confidence: 86%
Finding
Keywords such as "analyze" and "compare" are highly ambiguous and commonly appear in normal user requests, so they can spuriously activate the skill outside its intended scope. While this is not inherently code-execution dangerous, the risk is elevated here because the skill is an orchestration hub that can route into other workspace capabilities.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill states it can call workspace skills when needed, yet it presents operation as silent and does not clearly warn users when external or secondary capabilities may be invoked. In a hub that can reach other local skills and agents, hidden delegation reduces user awareness and consent, making unintended data flow, tool use, or privilege expansion more dangerous.

Missing User Warnings

Low
Confidence: 90%
Finding
Declaring "Implicit Mode" as the default means the skill can influence outputs and decision-making without making that mediation visible to the user. In this specific skill, hidden deliberation is more sensitive because the system is designed to route among agents and potentially to workspace skills, obscuring how conclusions were formed or whether additional capabilities were engaged.

Vague Triggers

Medium
Confidence: 93%
Finding
The activation condition 'Triggered for complex queries' is underspecified and can be interpreted very broadly by an orchestrating agent. In a multi-agent hub that can call other workspace skills, ambiguous routing criteria increase the chance of unintended invocation, unnecessary delegation, and prompt-surface expansion that can affect behavior or leak context to components that did not need to run.

Vague Triggers

Medium
Confidence: 95%
Finding
The keyword list includes common phrases like 'help me think' and 'explain' that appear in many ordinary prompts, making accidental activation likely. In this skill ecosystem, broad triggers can cause over-invocation of the assessor and potentially cascade into additional agent or workspace-skill calls, increasing attack surface and reducing predictability of routing.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger scope is broad enough that the agent may activate on many generic technical terms such as 'api', 'system', or 'server', causing it to participate in contexts beyond its intended specialty. In a multi-agent hub that can invoke workspace skills, overbroad routing can increase unnecessary agent involvement and raise the chance of unintended disclosure, incorrect delegation, or misuse of downstream capabilities.

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger conditions are broad and include common terms such as 'should I', 'right', and 'concern', which can cause the Values Guardian to activate in many unrelated prompts. In a multi-agent hub, this can lead to unnecessary routing, noisy ethical interventions, and potential disruption of intended agent selection, reducing reliability and opening the door to prompt-shaping by users who intentionally include trigger words.

VirusTotal

No VirusTotal findings
