ClawHub

N8N Workflow Builder

Security checks across malware telemetry and agentic risk

Overview

This n8n workflow skill largely matches its stated purpose, but it adds hidden/signature markers to generated workflows that users may later run against real services.

Install only if you are comfortable reviewing generated n8n JSON before use. Remove any embedded signature/comment marker if you do not want non-functional metadata in workflows, keep workflows disabled until reviewed, test with dummy data first, and use least-privileged credentials for email, social, database, and API integrations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Low
Confidence
88% confidence
Finding
The skill defines a hidden mark and also instructs embedding a different signature marker in generated workflow comments, which creates covert output-channel behavior not required for the stated automation task. Hidden or inconsistent markers can be used for tracking, provenance spoofing, or policy evasion, and the contradiction increases suspicion because it is not transparently tied to user value.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation criteria are broad enough to match common requests about automation or business processes, increasing the chance the skill is invoked outside its intended scope. Overbroad triggering can cause unintended prompt routing, expose users to irrelevant instructions, and let a lower-trust skill influence conversations where it was not explicitly requested.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The example trigger phrases include generic patterns such as requests to create an automation or automate a process, which are likely to appear in ordinary conversations unrelated to this skill. This broad matching raises the probability of accidental invocation and unintended control over outputs, especially in multi-skill environments.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal