Superpowers Brainstorming

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only brainstorming workflow that may slow or redirect development work, but it does not show hidden, destructive, or data-stealing behavior.

Install this only if you want a structured design-review process before implementation. Expect the agent to inspect the current project, ask planning questions, create and commit a design spec, and then move to a named writing-plans skill; tell the agent to skip or disable this skill for quick fixes or direct implementation work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers (Medium)

Confidence: 94%

Finding
The skill description is broad enough to match many normal development requests ('any creative work', creating features, modifying behavior), which can cause the agent to invoke this skill unexpectedly and redirect workflows. Over-broad activation increases the chance of prompt/control hijacking at the orchestration layer by inserting mandatory steps that the user did not ask for.

Vague Triggers (Medium)

Confidence: 92%

Finding
The trigger conditions are ambiguous and mandatory ('every project must go through this flow'), with no clear exclusions for small edits, bug fixes, or direct-answer requests. This can let the skill override user intent and force unnecessary file inspection, questioning, and workflow transitions, which is unsafe in agent systems that rely on precise skill routing.

Natural-Language Policy Violations (High)

Confidence: 97%

Finding
The skill content is written almost entirely in Chinese and implicitly forces that locale/style without any user opt-in or language negotiation. In a general-purpose agent, this can degrade comprehension, mislead users, and cause unsafe execution of process steps because critical workflow constraints and approvals may be presented in a language the user does not understand.

VirusTotal

VirusTotal findings are pending for this skill version.