Interviewer-Claw

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only interviewing skill whose optional document-reading and spec-file generation are disclosed and tied to its planning workflow.

Install this in workspaces where you are comfortable letting the assistant inspect plans, specs, and related project documents. Before using the speckit flow, review the proposed file paths and generated content because it can create persistent project documentation that may guide later implementation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Medium, 90% confidence
Finding
The skill is presented as an interview/stress-test tool, but its documented behavior expands into generating and eventually writing multiple spec-kit artifacts to the workspace. This capability mismatch can surprise users, increase the tool’s authority beyond its declared purpose, and create unintended file modifications in repositories where users expected only conversational analysis.

Context-Inappropriate Capability

Medium, 93% confidence
Finding
The spec-kit generation flow introduces broad workspace read/write capabilities that are not necessary for merely interviewing or stress-testing an idea. Because it can create multiple files and directories after conversational context gathering, it increases the risk of unwanted repository changes, scope creep, and misuse through accidental invocation or over-trusting users of the skill.

Vague Triggers

Medium, 81% confidence
Finding
Broad trigger wording increases the chance the skill activates in contexts where the user did not intend this specific capability, especially given that the skill can inspect artifacts and later generate files. Unintended invocation can expose workspace content to unnecessary analysis and may steer the session into higher-impact actions than the user expected.

Vague Triggers

Medium, 82% confidence
Finding
The invocation guidance uses catch-all examples that are semantically broad, making it easier for ordinary conversation to be interpreted as a request to run the skill. In the context of a skill that may read plans and eventually write structured artifacts, accidental activation raises the risk of unintended data handling and workspace changes.

VirusTotal

66/66 vendors flagged this skill as clean.
