ClawHub

Prfaq Beagle

Security checks across malware telemetry and agentic risk

Overview

This skill is a document-coaching workflow that stores PRFAQ work in a project folder and does not show hidden execution, credential use, or destructive behavior.

Before installing, be comfortable with the skill scanning project documents through its analysis companion and creating or updating `.beagle/concepts/<slug>/` files. Review the companion skills if outbound web research or local document analysis is sensitive in your workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the agent to create and update workspace files such as `.beagle/concepts/<slug>/prfaq.md` and `brief.md`, but it does not require an explicit user confirmation or warning before modifying the user's filesystem. Because the skill is user-invocable and writes multiple files as part of normal operation, a user could trigger persistent workspace changes without clear consent or awareness, especially during resume/fresh-pass flows.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This instruction explicitly tells the agent to write state changes to prfaq.md as part of workflow progression, but it does so without requiring user awareness or consent. Hidden file mutation can create non-transparent state transitions, cause unintended persistence across runs, and make the agent perform side effects the user did not knowingly authorize.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The transition gate instructs the agent to update prfaq.md and load another file automatically, creating a chained state change and control-flow jump that may occur without clear disclosure. This is dangerous because it enables silent progression of the skill's internal state and additional file access beyond what the user may expect from a conversational step.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The file explicitly instructs the agent to write state transitions into prfaq.md as part of workflow progression, but provides no requirement to disclose that project files will be modified. In an agent setting, undisclosed file writes are a real integrity risk because user conversation can trigger persistent state changes the user did not knowingly authorize.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The transition gate again directs the agent to update prfaq.md and load another file after user confirmation to move stages, but still omits any explicit disclosure that a persistent file modification will occur. Even though the write is tied to workflow logic, hidden state mutation can surprise users, complicate auditability, and be abused to alter project state beyond what the user understands.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal