ClawHub

Academic Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent academic paper search helper, with the main caveat that some broad trigger words may activate it more often than intended.

Reasonable to install for academic literature searches. Be aware that search topics may be sent to external academic/search services, and consider narrowing broad triggers if accidental activation on general research or citation-related requests would be disruptive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger list contains very broad terms such as 'research', 'scholar', and 'cite', which are common in normal conversation and can cause unintended skill activation. Overbroad activation increases the chance that this skill intercepts unrelated requests, overrides more appropriate tooling, or is invoked in contexts where its external-search behavior is unexpected.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation condition 'WHEN the user requests academic paper search, literature review, or research discovery' is broad and leaves substantial room for subjective matching. This can cause the skill to activate on loosely related requests, leading to unintended external queries, confusion in orchestration, or shadowing of other safer or more relevant skills.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger list includes very broad terms such as "research," "scholar," and "cite," which can match many ordinary user requests outside the intended academic-paper-discovery scope. This can cause the skill to activate unexpectedly, leading to misrouting of user requests, unintended invocation of external search behavior, and expansion of the skill's effective authority beyond what users likely intended.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal