Journal Cover Prompter

Security checks across malware telemetry and agentic risk

Overview

This is a simple journal-cover prompt helper with some scope and documentation rough edges, but no evidence of hidden access, persistence, data theft, or destructive behavior.

Install this only if you want a lightweight helper for scientific image-generation prompts. Use scripts/main.py as the real executable path, treat the cover_prompter examples as stale documentation, and avoid putting confidential unpublished research details into prompts that may later be sent to external image generators.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 88%
Finding:
The archived dynamic results show a real boundary-control weakness: in the stress case, the skill failed assertions that it stayed within declared scope and that required safety/boundary guidance was present. For an agent skill, this means broad or stressful inputs may cause output drift beyond prompt-generation for scientific visuals, increasing the chance of inappropriate instructions, overclaims, or misuse in adjacent academic-writing contexts.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding:
The activation guidance is broader than the skill's actual domain, including generic academic writing and fallback/error-handling use cases rather than being limited to journal-cover prompt generation. Overbroad routing can cause an agent to invoke this skill in inappropriate contexts, producing irrelevant or unsafe outputs and bypassing more suitable, task-specific controls.

Vague Triggers

Severity: Medium
Confidence: 82%
Finding:
An overly broad invocation description can cause the agent to route many generic academic-writing requests into this skill, even when the task is not limited to image-prompt creation. That misrouting increases the attack surface for prompt confusion, scope creep, and production of outputs that do not match the intended safety and research-boundary constraints.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding:
A vague primary-use description that triggers on broad, common requests is a genuine security and safety issue in agentic systems because it can incorrectly activate the skill outside its intended domain. In this context, incorrect activation is made more dangerous by the documented stress-case scope drift, so broad routing language compounds an already observed boundary weakness.

VirusTotal

65/65 vendors flagged this skill as clean.