ClawHub

Claude Skills Aeo

Security checks across malware telemetry and agentic risk

Overview

This skill is a local AEO content-audit and citation-tracking toolkit with disclosed file, URL-fetch, and local ledger behavior.

Install only if you are comfortable with a local tool reading content files you provide, fetching URLs you explicitly pass, and keeping citation history under ~/.aeo-data. Review or delete that directory if citation queries, URLs, or notes are sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill advertises capabilities that include reading files, writing files, and optionally fetching URLs, but the metadata declares no permissions or constraints. That mismatch can cause users or orchestration systems to invoke the skill with more trust than warranted, increasing the chance of unintended local file modification or network access during execution.

Session Persistence

Medium
Category
Rogue Agent
Content
- **Schema injection** — generates JSON-LD for FAQ, HowTo, Article schemas
- **Fact-first lede** — moves verifiable claims into the first 200 words

Three modes: `conservative` (touch <10% of words), `balanced` (touch <30%), `aggressive` (rewrite for maximum AEO).

### 3. Citation tracking
Confidence
84% confidence
Finding
write for maximum AEO). ### 3. Citation tracking The tracker (`citation_tracker.py`) maintains a local ledger of citations: - Manual entry: paste a citation found in ChatGPT/Perplexity/Claude/Gemin

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal