Brand Commercial OS

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed business-content drafting tool that persists sample output locally; its code shows no hidden access, credential use, exfiltration, or automatic publishing.

Install only if you are comfortable using it as a drafting assistant for commercial material. Review claims, pricing, endorsements, comparisons, and compliance-sensitive language before sharing or publishing, and avoid running the sample script with confidential business data on shared machines unless you control or delete the saved JSON output.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The code documents that failed content consistency checks must be corrected before final output, but the implementation only records issues in a report and continues producing deliverables. In a system that generates external-facing business, compliance, and negotiation materials, this can allow prohibited claims, inconsistent facts, or non-compliant messaging to be emitted despite detection.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The quality gate claims outputs must pass factual, forbidden-term, completeness, and executability checks and be sent back for correction on failure, but the implementation is largely static and does not enforce remediation loops. This creates a false sense of safety and can allow incomplete or policy-violating negotiation artifacts to be treated as approved outputs.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill explicitly says generated cross-platform content can be 'directly published' and only 'micro-adjusted based on feedback,' which encourages users to deploy AI-generated public-facing content without mandatory factual, legal, or brand review. In a business negotiation and brand-management context, this increases the risk of publishing false claims, unapproved marketing statements, IP/trademark issues, or noncompliant advertising content at scale.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script writes a JSON file containing brand, partner, pricing, and negotiation data to local storage without any explicit consent, minimization, retention policy, or access controls. In agent or shared-runtime environments, this can expose commercially sensitive information, leak business relationships, or create compliance issues if the file is accessible beyond the intended user session.

VirusTotal

66/66 vendors flagged this skill as clean.