ClawHub

My New Skill

Security checks across malware telemetry and agentic risk

Overview

This is an unfinished skill template, not an active skill with code, data access, or hidden behavior.

Safe to install from a security perspective, but it is not useful as-is. Treat it as a starter template and ask the publisher to replace the TODOs with a concrete purpose, trigger conditions, boundaries, and any future permission disclosures before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
97% confidence
Finding
The skill description is still placeholder TODO text, so the skill has no defined purpose, triggers, or boundaries. In an agent system, ambiguous activation guidance can cause the skill to be invoked in inappropriate contexts or applied too broadly, increasing the chance of unsafe actions or misuse.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The Overview section is incomplete and provides no concrete scope, assumptions, or safety constraints. Without clear invocation boundaries, downstream agents may infer capabilities that do not exist and take actions outside the author's intended domain.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The primary section heading and body remain TODO placeholders, leaving the operational workflow undefined. This absence of concrete procedures and constraints makes the skill context unusually permissive, which can lead to incorrect execution paths, overreach, or unsafe handling of user requests.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal