ClawHub

Friday Router

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed model-routing skill that delegates tasks to OpenRouter-backed sub-agents, with no artifact evidence of secret theft, persistence, destructive behavior, or hidden data exfiltration.

Install this only if you want many task requests automatically delegated to selected OpenRouter models. Avoid sending secrets, private documents, or regulated data through it unless you are comfortable with OpenRouter and the selected providers handling that content, and review the model/cost settings in config.json before heavy use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill defines an extremely broad trigger surface for delegation by matching generic task words like "code," "write," "fix," "build," and "design," and then mandates delegation for nearly any such request. This can cause over-activation, where normal conversation or sensitive requests are automatically routed to sub-agents and external models, increasing the chance of unintended data disclosure, misrouting, or bypass of the main agent's safer handling path.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The routing rules use very broad natural-language keywords such as "check", "get", "list", "show", and "find", which commonly appear in ordinary prompts unrelated to a specific task class. This can cause misrouting to unintended models, leading to incorrect capability selection, privacy or cost surprises, and reduced safety if prompts containing sensitive or higher-risk tasks are sent to a weaker or inappropriate provider.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal