botlearn-examiner

Security checks across malware telemetry and agentic risk

Overview

This is a declarative capability-exam skill with no executable install code, though users should be aware it may save exam answers and has broad activation triggers.

Install this if you want a structured capability assessment workflow. Avoid entering secrets or proprietary material in exam answers, review any saved or exported reports before sharing, and treat benchmark contribution as opt-in even when described as anonymized.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The strategy tells users that only anonymized, aggregated benchmark data will be shared, while earlier steps describe storing userId, full answers, and detailed session history. This mismatch creates a privacy and consent vulnerability because users may agree to contribution under misleading assumptions, and implementers may accidentally over-collect or over-share sensitive assessment data.

Vague Triggers

Medium
Confidence: 96%
Finding
The trigger list includes very broad, common terms such as 'exam', 'test', and 'evaluation', which can cause the skill to activate during ordinary conversations unrelated to this capability. In an agent ecosystem, unintended activation can hijack user intent, interfere with other skills, and expose the agent to prompt-routing abuse or denial-of-service via excessive invocation.

Vague Triggers

Medium
Confidence: 97%
Finding
The trigger list contains generic everyday terms such as "test", "evaluation", and "assessment", which can cause the skill to activate in unrelated conversations. This creates prompt-scope confusion and unintended invocation risk, especially because the skill then takes over interaction flow and requests structured exam participation.

Vague Triggers

Medium
Confidence: 93%
Finding
The activation rule "WHEN user triggers examination" is ambiguous and does not define exact matching criteria or confirmation requirements. Ambiguous activation logic increases the chance of accidental execution, particularly when combined with the broad trigger set elsewhere in the skill.

Missing User Warnings

Medium
Confidence: 95%
Finding
The strategy specifies retaining identifiable exam history, answers, scores, timestamps, and user linkage without clearly notifying the user before collection and storage. In an evaluation context, these records can reveal capability profiles and behavioral history, so silent retention increases privacy risk and may violate data minimization and informed-consent expectations.

VirusTotal

65/65 vendors flagged this skill as clean.
