ClawHub

Eternal Haven Lore Pack

Security checks across malware telemetry and agentic risk

Overview

This is mostly a self-contained lore reference pack, but it includes an instruction for agents to read from an external Windows folder outside the skill bundle.

Review before installing. The skill appears to be a lore pack with no executable code, but agents should be constrained to read only the bundled references/books files and ignore the D:\FULL ADUIO BOOKS\... instruction. Be aware it also includes optional donation and cryptocurrency payment details that may be shared in support-related contexts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The skill first declares that canon is bundled in local skill-relative files, but later instructs the agent to read from an external absolute Windows path. That inconsistency can cause the agent to access files outside the skill package, expanding the trust boundary and potentially exposing unrelated local data if path handling or retrieval behavior is permissive.

Context-Inappropriate Capability

Low
Confidence
83% confidence
Finding
Including donation links and cryptocurrency addresses gives the skill a monetization/social-engineering capability unrelated to its stated lore-reference purpose. Even though it says to share them only when asked, this creates a pathway for the agent to solicit or route funds based on untrusted skill content rather than core platform policy.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The instruction to read from `D:\FULL ADUIO BOOKS\…` tells the agent to access an external local filesystem location without warning or consent. In an agent environment with file tools, this can lead to unintended local file access, disclosure of host-specific data, and behavior that users would not reasonably expect from a lore pack.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal