skill-scaffolder: Streamlined Skill Architecture

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for creating new skill skeleton files. Its file-writing behavior is disclosed and scoped to a user-chosen path, and it avoids overwriting existing directories.

Install this as a normal scaffolding helper if you want an agent to generate new skill skeletons. Provide a dedicated output directory, review generated files before use, and verify the remote repository before using the README's git or npx install commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium, 93% confidence
The invocation examples include very broad natural-language phrases like asking for help to draft or scaffold a skill, which are common requests that may appear in broader conversations. In an agent skill router, this can cause unintended activation, leading the skill to generate files or take over a workflow when the user did not explicitly intend to invoke it.

Missing User Warnings

Medium, 89% confidence
The README states that Claude writes the scaffold to a user-chosen path, but it does not prominently warn that this behavior creates or overwrites files on the filesystem. In agent environments, unclear disclosure around write actions increases the risk of surprising or unsafe file modifications, especially if the skill is auto-routed from a broad prompt.

Vague Triggers

Medium, 88% confidence
The top-level description is broad enough to match common requests like 'design' or 'create a skill', which increases the chance of unintended activation outside the author’s intended scope. In an agent environment, over-broad routing can cause the wrong skill to steer behavior, leading to incorrect file generation, workflow disruption, or accidental override of more appropriate tooling.

Vague Triggers

Medium, 93% confidence
The trigger conditions use ambiguous natural-language phrases such as requests to 'draft', 'design', or having an 'idea' for a skill, without boundaries or disambiguation. This makes accidental invocation likely during ordinary conversation, which can misroute the agent into scaffold-generation behavior when the user intended analysis, editing, or discussion instead.

Vague Triggers

Medium, 85% confidence
The manifest trigger condition is broad enough that the skill may activate for vague requests such as general explanation, drafting, or design help rather than only narrow scaffolding tasks. In an agent system, unintended invocation can override better-matched skills, inject irrelevant constraints, and cause misrouting or degraded behavior across unrelated user requests.

Vague Triggers

Medium, 85% confidence
The front-matter activation condition uses broad natural-language triggers such as wanting a walkthrough or being unsure about a step, without tightly constraining when this examples file should be surfaced. In a routing system, overly broad activation can cause the skill to trigger in unrelated contexts, increasing misrouting risk and making the agent apply scaffolding guidance where it is not appropriate.

Vague Triggers

Medium, 88% confidence
The guidance for `when` favors short, generic trigger phrases such as broad verb-led conditions, which can cause unintended skill activation when user requests only loosely resemble the intended use case. In a scaffolding skill that helps generate other skills, over-broad routing increases the chance of this skill intercepting unrelated requests and propagating flawed or overly generic skill patterns into downstream artifacts.

VirusTotal

66/66 vendors flagged this skill as clean.
