Cognitive OS

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only reasoning and research skill whose broad search and tool-orchestration guidance is disclosed and aligned with its purpose.

Reasonable to install if you want a more structured research and reasoning workflow. For sensitive work, tell the agent when not to use external search, multilingual searches, workspace document tools, or memory, and require confirmation before writing to shared documents or saving information.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (91% confidence)

Finding: The activation criteria are extremely broad and subjective, causing the skill to be invoked for a large share of interactions without clear boundaries. In a skill that prescribes routing, reasoning, and research behavior before action, this can override expected agent behavior, increase unnecessary tool usage, and widen the attack surface for prompt-injection or policy-conflict scenarios.

Vague Triggers

Medium (94% confidence)

Finding: Phrases like "Every non-trivial task" and "Complex tasks" are undefined operationally, so the skill can self-select into almost any workflow. Because this skill acts as a master protocol and entry point, ambiguous invocation expands control over agent behavior and may cause excessive reasoning, external lookup, or tool orchestration in contexts where those actions are unnecessary or unsafe.

Natural-Language Policy Violations

Medium (86% confidence)

Finding: The skill explicitly requires multilingual searching in both Chinese and English as a default behavior, without tying that expansion to user consent, task necessity, or privacy considerations. This can broaden external data disclosure, create unexpected cross-border/query-sharing behavior, and retrieve information from different regulatory or trust environments than the user intended.

VirusTotal

66/66 vendors flagged this skill as clean.
