ClawHub

Faq Generator

Security checks across malware telemetry and agentic risk

Overview

This skill does not show malware-like behavior, but it can produce misleading medical FAQ content because its script returns canned answers instead of using the user’s document.

Install only with caution. The package does not show credential theft, network transfer, or destructive behavior, but its medical output should be treated as a draft template at best. Do not rely on it for patient-facing or clinical guidance unless a qualified reviewer checks every answer against the original source document.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The skill advertises generating FAQs from user-provided medical documents, but the implementation ignores the document input and always returns a fixed FAQ set. In a medical context, this is dangerous because users may rely on output they believe is tailored to a specific policy or protocol, leading to misinformation, omitted risks, or incorrect patient guidance.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger description is broad enough to activate on generic medical-document requests such as patient education or simplified explanations, which can cause the wrong skill to handle sensitive healthcare content. In a medical context, over-broad routing increases the chance of unreviewed or oversimplified patient-facing guidance being generated without appropriate safeguards or clinician disclaimers.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This skill produces patient-friendly explanations from medical policies but does not warn users that generated content may be incomplete, non-diagnostic, or require professional review. Because the skill is explicitly intended for patient education materials, missing safety warnings can lead users to rely on simplified output as medical advice, increasing the risk of harmful misunderstanding or inappropriate health decisions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal