ClawHub

个人IP规划全流程助手

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed personal-brand planning assistant that searches public web sources and writes a local HTML report, with no evidence of hidden, destructive, or credential-seeking behavior.

Install this if you want a skill that researches public sources and creates local HTML planning reports. Be aware that related branding phrases may trigger it, it may make several web searches/fetches, and it will save a report file in the current workspace using the IP name in the filename.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger list is extremely broad and includes common branding and planning phrases in both Chinese and English, creating a real risk of unintended invocation. In an agentic environment with WebSearch, WebFetch, Write, and Bash available, accidental activation can lead to unnecessary network access and file creation without the user clearly intending to run this skill.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill says natural-language descriptions are sufficient to trigger execution but does not define boundaries, exclusions, or confirmation requirements. This ambiguity increases the chance that ordinary conversation about personal branding will launch searches and report generation workflows unexpectedly.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill requires writing a complete HTML report into the current working directory but does not clearly disclose this side effect to the user before execution. Undisclosed file writes are dangerous because they can surprise users, overwrite expected workspace contents, or persist generated artifacts containing externally sourced and user-provided content.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal