ClawHub

Styling

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only beauty and styling guidance skill with disclosed local-service recommendation fields and no code, credentials, persistence, or automatic actions.

Safe to install based on the provided artifacts. Treat real-time queues, prices, deals, navigation, and booking links as informational; share location or appointment details only when needed and confirm important details directly with the service provider before acting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill metadata says it provides styling advice and consultant selection, but the body describes a live local-service discovery tool with queue status, booking, navigation, parking, and popularity/deal updates. This scope mismatch can cause the agent or reviewer to misclassify the skill’s capabilities, leading to overbroad activation and unexpected access to location-sensitive or transactional workflows.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The manifest frames the skill as helping select personal image consultants, while the documentation presents a broader beauty-service finder with venue operations and discovery features. This discrepancy increases the chance of unsafe routing, user surprise, and policy bypass because a seemingly narrow advisory skill may actually perform broader commerce- or location-oriented actions.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The example invocation phrases are generic enough to match ordinary requests about styling, features, or deals rather than a tightly scoped skill invocation. Overbroad triggers can cause accidental activation, hijack unrelated user intents, and route users into a skill with broader local-service and promotional behaviors than expected.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal