Munger Decision

Security checks across malware telemetry and agentic risk

Overview

This skill does not look like malware, but its decision-support content is repeatedly mislabeled and could give users the wrong framework for business or investment decisions.

Install only if you are comfortable treating this as an experimental brainstorming aid, not authoritative decision advice. Before relying on recommendations, verify the model definitions and references yourself, especially for investing, compliance, hiring, or business-launch decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (47)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The entry named '多元思维模型' is described using first-principles content, creating a semantic mismatch between identifier, description, and prompts. In a reasoning skill, this can mislead downstream agents or users into applying the wrong decision framework, degrading reliability and potentially causing unsafe recommendations in high-stakes contexts.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The '均值回归' record contains confirmation-bias content rather than mean-reversion content, so the file presents materially incorrect guidance under a trusted label. This is dangerous because an agent using the dataset for prompt selection or reasoning support may silently substitute an unrelated cognitive model and produce flawed conclusions.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '激励机制' entry is populated with self-serving bias material, which misrepresents the concept and undermines the integrity of the model library. In a skill meant to guide decisions, mislabeled conceptual content can systematically distort analysis and reduce trust in every downstream recommendation built on this file.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '二阶思维' item instead describes illusion of control, which is a different concept entirely. This can cause an agent or user to analyze first-order/second-order effects incorrectly, especially if the system treats the label as authoritative and uses the description as operational guidance.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The '地图不是疆域' entry contains pattern-recognition/apophenia text instead of explaining the difference between models and reality. That mismatch can miseducate users and poison any retrieval or classification logic that relies on these entries as a structured knowledge base.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '奥卡姆剃刀' entry discusses dramatic-event probability misestimation rather than simplicity of explanation. This makes the knowledge asset internally contradictory and may cause wrong heuristic selection when the skill recommends reasoning tools for decisions.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The '汉隆剃刀' item describes hyperbolic discounting instead of attributing errors to incompetence before malice. In a decision-support skill, such a mismatch can lead to erroneous social inference and risk assessment, especially where users rely on the label for interpretive framing.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '博弈论' entry is filled with blind-spot/uniqueness bias material rather than strategic interaction concepts. This kind of mislabeling can corrupt reasoning flows, retrieval augmentation, or educational outputs by substituting an unrelated psychological bias for a systems model.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '幂律分布' entry describes just-world bias rather than heavy-tailed distributions. Because the file appears intended as a structured reasoning corpus, this mismatch can produce materially wrong explanations and decisions where tail risk or concentration effects matter.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '反脆弱' record contains unknown-unknowns/knowledge-curse content instead of describing systems that benefit from stressors. This is dangerous because users may be taught the wrong resilience strategy, and any automated use of the content will propagate that conceptual error.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The '黑天鹅' entry discusses planning fallacy rather than rare, high-impact, hard-to-predict events. In a skill for reasoning and decision support, that error can weaken risk awareness and misdirect users away from tail-risk preparation.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '幸存者偏差' item instead explains groupthink and overvaluing group decisions, which are distinct concepts. This can cause decision-support outputs to omit failure-case analysis and misuse the term when evaluating evidence, directly harming analytical quality.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '达克效应' entry contains moral self-enhancement material rather than Dunning-Kruger-type competence miscalibration. This undermines dataset integrity and can lead to wrong coaching or assessment behavior if an agent uses the entry to explain user errors.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The '市场先生' record discusses unreliable memory instead of market mood versus intrinsic value. For an investing or decision skill, this is especially risky because it misframes a core investing concept and could skew valuation-oriented recommendations.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The '回归均值' entry contains attention-blindness and multitasking content, not regression-to-the-mean. This can cause users or automated workflows to misinterpret performance fluctuations and make unsound forecasts based on mislabeled guidance.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The '规模效应' item instead describes affective forecasting errors, which is unrelated to scale effects. A structured knowledge file with this level of concept confusion can mislead retrieval, ranking, and recommendation logic that assumes labels are trustworthy.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The '供需关系' record contains false-uniqueness material rather than market supply-demand dynamics. This matters because a mislabeled economic concept can distort pricing or market analysis generated by the skill, particularly in business or investing contexts.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The '复利效应' entry is populated with false-consensus content instead of compounding. Since this file appears to function as a model catalog, such corruption can cause both educational harm and systematic reasoning errors if agents rely on these definitions to structure answers.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The document establishes a hard rule that P0 items—especially compliance requirements—must be 100% complete before launch, then later contradicts itself by endorsing a launch with an unmet licensing/compliance item. In a decision-support skill, this inconsistency is dangerous because users may treat the case study as approved precedent and proceed with unlawful or noncompliant operations under the banner of 'risk launch.'

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The document’s illustrated output for an L3 assessment conflicts with the implemented recommendation logic, which can cause users or downstream agents to take a different action than the code will actually produce. In a decision-support skill for investing/career/business choices, such inconsistencies are dangerous because operators may trust the prose examples instead of the executable logic and allocate more risk than intended.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The use-case commentary states a maximum allocation that does not match the allocator’s implemented limits, creating a direct mismatch in risk-control guidance. Because this skill gives position-sizing advice for investments and business decisions, users may over-commit capital based on the narrative even when the code would cap exposure differently.

Intent-Code Divergence

Low
Confidence
88% confidence
Finding
The action recommendation metadata advertises PROCEED for L3 and above, while the implementation grants PROCEED only for exact L3 or exact L4 cases with separate checks. This is primarily a logic/documentation integrity flaw that can mislead integrators building policy gates from metadata rather than code, leading to inconsistent enforcement.

Intent-Code Divergence

Low
Confidence
90% confidence
Finding
The enum declares allocation scenarios that the allocation matrix does not implement, which can lead to undefined lookups or runtime errors when those scenarios are used. In an agent skill, incomplete scenario coverage can silently break guardrails or produce invalid allocation advice for unsupported but apparently valid inputs.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The document title labels the content as the Dunning-Kruger Effect, but the body actually explains relativity/reference-frame thinking. This semantic mismatch can mislead downstream users or agents into retrieving, citing, or applying the wrong concept, which is especially risky in a reference library intended for decision support.

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The section titled '可得性启发' describes systems thinking instead of the availability heuristic, creating materially misleading guidance. In a decision-support skill, mislabeled concepts can cause users or downstream agents to apply the wrong mental model and make unsafe or poor decisions based on incorrect documentation.

VirusTotal

65/65 vendors flagged this skill as clean.
