ClawHub

Prompt Injection Defense

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent prompt-injection defense helper, with its shell/Python use and memory writes disclosed and aligned with its purpose.

Install only if you want local helper scripts for handling untrusted content. Keep higher-risk integrations read-only where possible, run the command wrapper only around commands you intended to execute, and do not treat the sanitizer output as fully safe instruction-neutral text; review quarantine and memory entries periodically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill declares executable capabilities via `python3` and `bash` and demonstrates file/shell access patterns, but does not declare corresponding permissions. This creates a governance and containment gap: an agent or platform may grant or assume broader execution than reviewers expect, increasing the chance of unsafe file access or command execution in a security-sensitive skill.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The function documentation promises to 'convert to declarative form', but the implementation only strips a few Unicode control characters, normalizes whitespace, and truncates text. In a prompt-injection-defense skill, this mismatch is security-relevant because downstream components may trust the sanitized output as instruction-neutralized when adversarial imperative content remains intact.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal