weekly-report-hy

Security checks across malware telemetry and agentic risk

Overview

This is a simple weekly-report writing skill with no executable behavior, but users should avoid pasting confidential details unless they want them preserved.

Install only if you want an assistant to turn work notes into polished Chinese weekly reports. Do not include confidential customer names, financial amounts, personal data, or internal identifiers unless you intend them to appear in the final report; ask the assistant to redact or anonymize sensitive details when needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 88%
Finding
The README says the assistant will automatically invoke this skill whenever users provide weekly work records, but it does not define clear trigger boundaries or require explicit confirmation. In practice, this can cause unintended activation on ordinary work notes or mixed-purpose messages, leading to unexpected transformation of user content and possible mishandling of sensitive workplace information.

Natural-Language Policy Violations

Medium
Confidence: 81%
Finding
The skill is described as producing professional Chinese weekly reports without mentioning user language preference or opt-in, which can override the user's expected language or accessibility needs. This is mainly a policy and UX safety issue rather than a direct security flaw, but forced output language can contribute to confusing or unusable responses in multilingual contexts.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger conditions are broad and explicitly mandatory, which can cause the skill to activate even when the user did not clearly request structured weekly-report generation. This creates prompt-routing risk: unrelated inputs containing words like “周报” or loosely listed tasks may be transformed automatically, potentially mishandling user intent or exposing more content than necessary in reformatted output.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs the system to preserve sensitive information exactly as provided and not redact it, but provides no warning, consent check, or minimization rule. In a reporting skill, this can propagate customer names, financial details, internal identifiers, or other confidential data into polished outputs that are easier to share onward, increasing privacy and data-leak risk.

Ssd 3

Medium
Confidence: 98%
Finding
This instruction explicitly prefers verbatim reproduction of sensitive user details over data minimization, which is a direct privacy and secure-design issue. Because the skill reformats and enriches the content, it can make sensitive information more readable and reusable, increasing the likelihood of accidental disclosure in downstream sharing or archival workflows.

VirusTotal

62/62 vendors flagged this skill as clean.
