Smith Matrix

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for organizing complex work into bounded local multi-agent task folders, with no evidence of hidden code execution, credential access, or exfiltration.

Install this only if you want a local file-based multi-agent task organizer. Review generated .smith-matrix files, avoid putting secrets in task descriptions or private notes, and treat the claimed isolation as an agent protocol rather than a hard security sandbox.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
92% confidence
Finding
The skill description uses broad trigger phrases like 'create a multi-agent system' and 'decompose task recursively' without clear scope limits, exclusions, or safety gates. This can cause the skill to activate for common orchestration requests and introduce unintended filesystem-writing, task spawning, and persistent workspace setup in contexts where the user did not explicitly request this framework.

Vague Triggers

Medium
90% confidence
Finding
The usage section lists several generic situations such as needing parallel subtasks or coordinated agents, but does not define boundaries for when the skill should not be used. In an agentic environment, ambiguous activation criteria can cause over-selection of this skill and lead to unnecessary recursive decomposition, persistent artifacts, and broader action surfaces than the user intended.

Natural-Language Policy Violations

Medium
93% confidence
Finding
The skill is written entirely in Chinese without any language selection, fallback, or explicit opt-in, which can cause users or supervising systems to misunderstand the agent’s behavior and constraints. In a multi-agent orchestration skill, misunderstanding instructions is especially risky because it can lead to unintended task decomposition, file operations, or recursive agent spawning without informed user consent.

VirusTotal

66/66 vendors flagged this skill as clean.
