Nm Attune Project Brainstorming

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent project-planning helper, but it automatically forwards brainstorming content into other skills and subagents without a clear confirmation gate.

Install only if you want an opinionated Attune workflow that can move from brainstorming into War Room review and specification automatically. Use --standalone or explicitly tell the agent to stop after brainstorming if you do not want downstream handoffs, and use --skip-review if you do not want the review subagent. Avoid using it for confidential plans unless you are comfortable with the local .attune/brainstorm-session.json file and the documented sharing of brainstorming context with other LLM-driven components.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Description-Behavior Mismatch (Medium, 96% confidence)

Finding: The skill is presented as a brainstorming aid, but it silently expands scope by automatically invoking War Room deliberation and passing brainstorming context to another skill. This creates a capability mismatch: users may disclose early-stage ideas or sensitive project details expecting a bounded ideation session, while the skill actually forwards that data and performs additional actions beyond the stated purpose.

Description-Behavior Mismatch (Medium, 98% confidence)

Finding: The documented behavior contradicts the advertised purpose by automatically continuing into specification after generating the brief. That can cause unauthorized workflow progression, additional context exposure, and unanticipated file modifications or downstream agent actions without a clear user checkpoint.

Context-Inappropriate Capability (Medium, 95% confidence)

Finding: The spec-review loop introduces an additional subagent dispatch and iterative processing step that is not justified by the brainstorming skill's stated function. This broadens execution scope, may expose generated content to extra models or components, and creates hidden autonomous behavior that users would not reasonably expect from an ideation helper.

Vague Triggers (Medium, 86% confidence)

Finding: Broad triggers like brainstorming, planning, requirements, and ideation increase the chance that this skill activates in contexts where users did not intend its autonomous handoffs, persistence, or downstream delegation. Because this skill does more than brainstorming, overbroad invocation materially raises the risk of surprise execution and unintended context propagation.

Missing User Warnings (Medium, 97% confidence)

Finding: The skill description omits a material privacy and control detail: brainstorming context is automatically passed to another skill/LLM system. In a brainstorming context, users often share sensitive business plans, architecture ideas, or internal constraints, so undisclosed forwarding meaningfully increases data exposure risk.

Missing User Warnings (Low, 90% confidence)

Finding: The skill persists brainstorming session data to `.attune/brainstorm-session.json` without a clear warning about local storage or retention. Brainstorming sessions can contain confidential product ideas, stakeholder details, and constraints; storing them silently increases the risk of accidental disclosure, repository inclusion, or reuse by other tools.

VirusTotal

64/64 vendors flagged this skill as clean.