Ryder-Super-Pack

Security checks across malware telemetry and agentic risk

Overview

This markdown-only skill is not clearly malicious, but it asks agents to automate sensitive business, legal, finance, memory, file, and external-delivery workflows without enough user-control safeguards.

Install only if you want a broad automation skill and will supervise it closely. Require explicit approval before any exec command, memory read/write, heartbeat task, file creation or overwrite, financial/legal/customer-data processing, workspace cleanup, deployment, or Telegram/Discord delivery; restrict it to named files, approved services, and non-sensitive data unless you have verified authority and retention rules.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
Findings (16)

Context-Inappropriate Capability
Severity: Medium
Confidence: 78%
Finding: The reference encourages use of `exec` with external binaries like `pdftotext` and `yt-dlp` for content acquisition, which expands the attack surface from passive research into command execution and third-party tooling. In a high-stakes agent skill, this can lead to unsafe processing of untrusted inputs, unexpected network access, and execution of environment-dependent tools without clear justification or safety constraints.

Missing User Warnings
Severity: Low
Confidence: 88%
Finding: The skill instructs the agent to maintain a `CONTENT_CALENDAR.csv` in the workspace without telling the user that a file will be created or modified. In an agent environment, undisclosed writes can surprise users, overwrite existing planning artifacts, or create persistent state the user did not explicitly authorize, which is a genuine safety issue even if the action is operationally benign.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The reference encourages use of code execution and autonomous generation of workspace files such as reports, journal entries, and close-status artifacts without any warning or confirmation step. In an agent setting, this can lead to unintended local file modification, incorrect financial records, or execution of scripts against sensitive data with minimal user awareness.

Missing User Warnings
Severity: Medium
Confidence: 91%
Finding: The skill directs the agent to perform network access via web_search and web_fetch for SEC filings and market news without informing the user that external requests will be made. In a high-stakes professional setting, undisclosed network activity can create privacy, compliance, and data-handling risks, especially if prompts or identifiers are sent to third-party services.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The DSR workflow directs the agent to search for and package all personal data related to a requester, but it lacks safeguards for identity verification, authorization checks, data minimization, and secure output handling. In an agentic environment with grep, memory search, and write capabilities, this can cause over-collection or disclosure of unrelated personal data if triggered improperly or used on the wrong subject.

Missing User Warnings
Severity: Low
Confidence: 81%
Finding: The meeting briefing guidance instructs web searches and background summaries of external participants without any privacy, relevance, or source-quality constraints. While less severe than direct data export, it can still encourage unnecessary profiling, reputationally harmful summaries, or collection of sensitive personal information from unreliable public sources.

Missing User Warnings
Severity: Medium
Confidence: 94%
Finding: The skill instructs the agent to automatically generate a marketing report and deliver it via external channels such as Telegram or Discord, but it does not require user confirmation, recipient validation, or data classification checks first. In a marketing workflow, reports commonly contain campaign metrics, customer segments, budget data, or other business-sensitive information, so automatic outbound transmission creates a realistic risk of unintended data disclosure.

Vague Triggers
Severity: Medium
Confidence: 88%
Finding: Using 'user mentions a competitor' as the trigger is overly broad and can cause the agent to initiate competitive-intelligence actions during ordinary discussion rather than in response to a clear request. In practice this can lead to unnecessary external lookups, unprompted generation of battlecards, and surprise collection or processing behavior that the user did not intend.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The skill instructs the agent to use `exec` to move stale files into an `archive/` folder without requiring explicit user confirmation, preview, scope limitation, or safeguards against misclassification. In an agent environment, this can cause unintended modification of workspace contents, disrupting active projects or hiding important files if the cleanup logic is wrong or overly broad.

Missing User Warnings
Severity: Medium
Confidence: 91%
Finding: The workflow directs the agent to read invoice files and write extracted data into `FINANCE_TRACKER.csv` without warning about handling sensitive financial information or confirming permission to process those documents. This creates a risk of unauthorized access, data leakage, incorrect aggregation of financial records, or accidental modification of sensitive business data.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: This section instructs the agent to create and update repository files such as PRDs and ROADMAP.md, and to use exec/subagent workflows, but it does not require explicit user confirmation before modifying workspace contents. In a high-stakes agent skill, silent file creation or overwriting can cause unintended repository changes, pollute project history, or encode incorrect assumptions into planning artifacts.

Missing User Warnings
Severity: Medium
Confidence: 91%
Finding: The workflow directs the agent to synthesize project and research data into files like RETRO.md and PERSONA_[NAME].md without warning that derived artifacts will be written to disk. This is risky because sensitive interview content or internal project assessments may be transformed into durable files without user awareness, increasing exposure of confidential information and creating misleading or unwanted records.

Vague Triggers
Severity: Medium
Confidence: 91%
Finding: The trigger phrase "Prep me for my call with [Company]" is broad and directly maps to a workflow that performs research and accesses prior interaction memory. Without explicit activation constraints, confirmation, or scope checks, a user can inadvertently trigger external data gathering and internal memory access, increasing the risk of unintended data use in a high-stakes sales context.

Missing User Warnings
Severity: Medium
Confidence: 89%
Finding: The instruction to create a `RESEARCH_[COMPANY].md` file introduces persistent file creation without any user-facing disclosure or consent. Silent persistence can expose sensitive prospect research, create data retention issues, and surprise users who expected only conversational output.

Missing User Warnings
Severity: Medium
Confidence: 95%
Finding: The workflow instructs the agent to check `memory/` for prior interactions without any privacy warning, consent gate, or limitation on what prior data may be used. In a sales setting, prior interactions may contain personal, confidential, or cross-account information, so undisclosed access materially increases the risk of privacy breaches and inappropriate data reuse.

Missing User Warnings
Severity: Medium
Confidence: 87%
Finding: The asset-creation instructions direct the agent to write files such as `PROPOSAL_[COMPANY].md` without disclosing this persistence to the user. In professional sales workflows, these files may contain customer-specific notes or strategy content, so undisclosed storage can create confidentiality, retention, and workspace hygiene risks.

VirusTotal

66/66 vendors flagged this skill as clean.