ClawHub

File Launcher

Security checks across malware telemetry and agentic risk

Overview

This skill has a clear file-opening purpose, but it gives the assistant broad authority to launch local files and programs without confirmation.

Install only if you want the assistant to open local files and start programs for you. Before using it, set a rule that the assistant must confirm the exact file or program first, and avoid using it on executables, scripts, shortcuts, unknown downloads, or sensitive documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The usage phrases are broad enough to match ordinary requests like opening documents, images, or media, which makes accidental activation likely. In a skill that launches files or programs, ambiguous triggering materially increases the chance the assistant will execute a sensitive action in the wrong context.

Vague Triggers

Medium
Confidence
96% confidence
Finding
Example commands like 'Open my playlist' and 'Launch the document' are highly ambiguous and overlap with common assistant requests, encouraging overbroad routing into a file-opening capability. Because the skill can open arbitrary files with their default applications, these examples increase the risk of launching malicious files or unintended programs through normal conversation.

Missing User Warnings

High
Confidence
99% confidence
Finding
The skill explicitly states it will open files using Invoke-Item and says there is no need to wait for confirmation, which removes a key safeguard before executing potentially dangerous local actions. In this context, opening arbitrary files or programs can trigger execution of malicious content, invoke risky file associations, or launch sensitive applications without adequate user verification.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal