pm-workbench

Security checks across malware telemetry and agentic risk

Overview

This is a product-management prompt/workflow skill with no evidence of data exfiltration, destructive behavior, credential use, or hidden execution.

This skill appears safe to install from a security standpoint, but treat it as decision-support guidance rather than an authority to make business decisions for you. Review the broad trigger language if you use many overlapping PM or business skills, and note that the current package has missing README image assets that break its own validation check.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 87%
Finding
The skill advertises very broad trigger phrases like helping unpack requests, deciding whether to do work now, and turning asks into leadership-ready outputs. In an agent-routing context, these generic phrasings can match a wide range of ordinary user requests and cause the skill to activate outside its intended scope, increasing the chance of inappropriate guidance, prompt collisions, or accidental override of a more suitable specialized skill. The PM-workbench context makes this somewhat more plausible because product-strategy questions are often phrased in everyday business language.

Vague Triggers

Medium
Confidence: 94%
Finding
The example prompt is broad natural language that could easily match ordinary user requests outside the intended command boundary, causing the agent to invoke this roadmap workflow when the user may only want a narrower planning or writing task. In a routing or trigger-based system, this increases the chance of unintended activation, mis-scoped outputs, and incorrect handling of user intent.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrases are broad, natural-language prompts such as 'Help me unpack this request' and 'This request feels vague,' which can match many ordinary PM conversations and cause this workflow to be selected when a more appropriate workflow should handle the task. In an agent-routing context, overbroad activation can degrade decision quality, steer users into unnecessary clarification loops, and produce incorrect artifacts or recommendations.

Vague Triggers

Medium
Confidence: 86%
Finding
The trigger phrases are broad enough to match many generic writing or structuring requests, which can cause the agent to select this workflow when the user really needs a different one such as clarification, evaluation, or comparison. In a workflow-routing system, overly permissive triggers are a real security and reliability risk because they can steer execution into the wrong capability, leading to confused outputs, skipped gating questions, or mishandling of sensitive product decisions.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase at this line is broad enough to match ordinary business-language requests, which can cause the skill to be invoked outside its intended scope. In an agent routing system, overly generic triggers increase the chance of misrouting users into founder-level strategic guidance when they may need narrower, lower-risk workflows, leading to inappropriate recommendations or confused decision support.

Vague Triggers

Medium
Confidence: 84%
Finding
This trigger phrase is vague and likely to collide with common planning or prioritization requests, increasing the probability that the workflow activates for generic product or strategy questions. Because this skill produces founder-level business calls, accidental activation can skew outputs toward high-level strategic decisions without sufficient fit or context.

VirusTotal

64/64 vendors flagged this skill as clean.