ClawHub

芒格.skill - 查理·芒格思维操作系统

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese Charlie Munger-style thinking persona with no code or data access, though it may activate on some broad analysis prompts.

Install this if you want a strong Munger-inspired critique style for decisions and mental-model analysis. Be aware it may answer in first person and in Chinese-style phrasing; use the exit phrase or request normal assistant mode when you want neutral analysis. Treat investment or business advice as educational roleplay, not professional guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation guidance is broad enough to match common analytical requests such as asking for blind spots, cognitive biases, or reverse thinking, which can cause the skill to hijack normal conversations unexpectedly. In a roleplay skill that instructs the model to stay in-character and avoid meta-analysis, unintended activation can override user intent, reduce transparency, and make the assistant respond with persona-driven advice where neutral analysis was expected.

Natural-Language Policy Violations

Medium
Confidence
84% confidence
Finding
The skill prescribes Chinese output and style conventions without checking the user's preferred language, which can cause responses in an unexpected language or impose a stylized tone the user did not request. This is primarily a safety and usability issue rather than a direct security exploit, but in combination with automatic triggering it increases the chance of misleading or disruptive behavior.

VirusTotal

No VirusTotal findings

View on VirusTotal