
Security audit

Routing Optimization

Security checks across malware telemetry and agentic risk

Overview

This skill appears to analyze routing logs and suggest routing improvements without hidden execution, data export, or automatic system changes.

Before installing:
  • confirm which dispatch logs will be analyzed;
  • avoid storing raw sensitive user prompts when possible;
  • keep automatic optimization disabled unless it has been reviewed in staging;
  • narrow broad keywords for production use;
  • manually approve any routing-rule changes the skill suggests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding:
The skill explicitly describes collecting routing hit-rate, accuracy, and satisfaction data, but gives no privacy notice, minimization guidance, retention limit, or consent model. In a routing system, logs may contain user queries, patterns, and feedback that can expose sensitive content or behavioral profiling if stored or reused without safeguards.

Missing User Warnings

Medium
Confidence: 91%
Finding:
The A/B testing flow reuses user queries across multiple routing strategies and anticipates user ratings, but does not warn users that their inputs may be used in experiments or evaluation. This creates privacy and trust risks and can also introduce unauthorized experimentation on live user traffic if adopted as written.

Vague Triggers

Medium
Confidence: 91%
Finding:
The keyword lists contain very broad, everyday terms such as 'code', 'search', 'learn', 'write', 'design', and 'task', which can cause the skill or related routing logic to activate for benign or unrelated user requests. If these keywords drive capability selection automatically, users may be misrouted, have data sent to the wrong subsystem, or trigger unintended actions without clear consent.

VirusTotal

No VirusTotal findings
