ClawHub

Monet Works Content Pack

Security checks across malware telemetry and agentic risk

Overview

This documentation-only content pack is purpose-aligned, but users should review its financial-content edits and the two referenced skills before publishing.

Before installing, inspect the referenced skills monet-works-content-qa-dv and ogilvy-humanizer-dv because this pack only points to them. Treat automated disclaimer, CTA, and wording changes as draft assistance, preserve originals where possible, and have a qualified reviewer approve financial or regulated content before publication.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
86% confidence
Finding
The README explicitly promises an automated pipeline that reads drafts and fixes content by removing phrases, adding disclaimers, inserting CTAs, and trimming length, but it does not warn users that authored material may be modified automatically before publication. In a financial-writing context, silent remediation is more dangerous because automated edits can change legal meaning, promotional tone, or compliance posture, leading users to trust output that may no longer reflect their intent or regulatory requirements.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly advertises an automated remediation pipeline that will detect and fix content issues, but it does not clearly warn users that their original writing may be modified automatically. In a financial-writing context, silent edits can change meaning, tone, compliance posture, or legal disclaimers, creating risk if users assume the tool is only advisory rather than actively rewriting content.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal