ClawHub

Algernon Orchestrator

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenAlgernon study-session router that reads local study memory and a study database, with broad activation wording but no hidden, destructive, or unrelated behavior found.

Install if you are comfortable with the skill reading OpenAlgernon files under ~/.openalgernon and querying its study.db whenever a session starts. Use explicit OpenAlgernon commands for best control, and review the companion sub-skills separately because this orchestrator routes install, update, import, and remove actions to them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The orchestrator is configured to activate on broad natural-language triggers like asking what materials are available, which can overlap with ordinary conversation and cause unintended skill invocation. In an orchestrator skill, over-broad activation is especially risky because it performs automatic context loading and command routing before narrowing scope, increasing the chance of unnecessary file/database access and misrouting user intent.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The instruction to interpret any message that merely 'expresses study intent' is ambiguous and grants the orchestrator wide discretion to route loosely related user input to sub-skills. Because this is the top-level router, misclassification can trigger downstream actions or data access without sufficiently explicit user consent, making the context more dangerous than it would be in a narrowly scoped helper skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal