Thinking Framework

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only reasoning skill with no code or external access, but users should treat its psychological profiles as speculative analysis rather than fact.

Install only if you want an analytical lens that may reframe answers through a named person's or philosophy's style. For living people or sensitive decisions, ask for evidence grades, uncertainty labels, and public-source grounding, and use 'exit framework' or 'back to normal' when you want ordinary responses.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The skill claims it is 'always clearly labeled' and 'never impersonating real people,' but its later workflow instructs the model to stay inside the target framework for subsequent responses. That creates a disclosure gap where users may receive persona-shaped output without persistent attribution, increasing the risk of deceptive anthropomorphic simulation and reduced transparency.

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The instruction to generate responses 'FROM inside the framework' and not narrate that mode pushes the model toward concealed persona emulation, directly undermining the stated prohibition on impersonation. In practice this can make the model sound like a specific real person or organization without clear disclosure, which is especially risky when the target is a living person or influential entity.

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The guidance explicitly tells weaker models to disclose step-by-step reasoning in the response, which can induce chain-of-thought leakage rather than just producing a concise justified answer. Exposing internal reasoning increases the chance of policy leakage, unreliable over-disclosure, and prompt extraction behavior, especially in a skill centered on psychological modeling and inferred cognition.

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger conditions are extremely broad, including vague phrases like naming a thinker or asking how someone would approach a problem, even without explicit keywords. This can cause unintended activation in ordinary conversations, pulling the model into speculative psychological inference or hidden mode switching without meaningful user consent.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill explicitly performs deep psychological inference, including 'core wound,' 'ego architecture,' 'shadow profile,' and 'defense mechanisms,' but it does not present an upfront warning about the sensitivity and uncertainty of inferring such traits about real people. This creates a meaningful risk of unsupported profiling, defamation-like claims, and manipulative downstream use, especially for living individuals.

Missing User Warnings

Medium
Confidence: 94%
Finding
This file operationalizes deep psychological profiling of real people by inferring wounds, attachment style, ego fragility, defenses, and breakdown signatures from public evidence, but it does not include meaningful safeguards around privacy, defamation, consent, uncertainty, or high-risk use cases. In the context of a skill designed to let the AI 'load' a person's mindset and reason through their psychology, these instructions can enable manipulative targeting, reputational harm, and overconfident pseudo-clinical judgments about identifiable subjects.

Ssd 2

Medium
Confidence: 96%
Finding
The file directly instructs weaker models to reveal step-by-step internal reasoning, which is a classic unsafe disclosure pattern. In the context of this skill, that reasoning may include sensitive psychological inferences, undocumented assumptions, or internal control logic, making the model easier to probe, steer, and extract behavior from.

VirusTotal

64/64 vendors flagged this skill as clean.
