Cxz9909 Adaptive Reasoning

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill changes how the agent decides when to use deeper reasoning, but it does not install code, read private data, or contact external services.

Install this only if you want an always-on reasoning preprocessor. Expect possible extra token usage, silent reasoning-mode changes, and occasional 🧠 or 🧠🔥 markers in responses. Avoid or disable it for strict JSON/API output, formatting-sensitive workflows, or situations where the agent should not change reasoning state without explicit user control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Severity: Medium
Confidence: 93%
Finding
The skill is presented as a mental preprocessing step, but its instructions also alter user-visible output and attempt to change session reasoning state. This mismatch can mislead integrators about the skill’s actual behavior, causing unauthorized response modification or hidden state changes across conversations.

Intent-Code Divergence

Severity: Medium
Confidence: 90%
Finding
The file claims no external tools are needed while also instructing use of a session_status tool or internal command to enable reasoning. This inconsistency can bypass operator expectations and encourage hidden tool/state usage in environments where such actions should be controlled or audited.

Vague Triggers

Severity: High
Confidence: 95%
Finding
Triggering on every user message without narrow scope creates an overly broad policy hook that can affect unrelated interactions, including simple, sensitive, or policy-constrained requests. Such global interception increases the chance of unintended behavior, hidden state transitions, and degraded trust or compliance across the entire session.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The automatic activation logic is broad and ambiguous, instructing silent enablement of reasoning based on subjective scoring thresholds. Ambiguous silent activation can produce inconsistent behavior and hidden mode changes that are difficult to audit, predict, or override safely.

Natural-Language Policy Violations

Severity: Low
Confidence: 84%
Finding
Forcing visual indicators onto responses without user opt-in modifies output format and can interfere with downstream consumers, strict response schemas, or professional communications. While lower severity than hidden state changes, it still creates unauthorized output manipulation and leaks internal mode decisions to users.

VirusTotal

65/65 vendors flagged this skill as clean.
