Decision Trees

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward decision-tree helper with an optional local calculator and no evidence of hidden access, network activity, credential use, or unsafe automatic behavior.

Installing this skill is reasonable for normal use. Treat it as a decision-structuring aid, not professional financial, legal, medical, or business advice. If you run the optional Python calculator, only point it at files you intend to use and avoid saving over important files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill declares no permissions, yet it instructs use of a local script path (`scripts/decision_tree.py`) and JSON file input, implying file read and possibly file write capability outside an explicitly permissioned model. This creates a mismatch between what the skill appears allowed to do and what it operationally encourages, which can lead to unintended filesystem access or unsafe trust by downstream systems and users.

Description-Behavior Mismatch

Medium
Confidence
75% confidence
Finding
The skill advertises decision-tree analysis, but it also writes collected decision data to an arbitrary local path chosen at runtime. In an agent-skill context, this capability expansion is risky because it enables persistence of potentially sensitive user data and arbitrary file overwrite behavior beyond the stated analysis purpose.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The README describes the skill as applicable to 'complex decision-making across all domains' and lists broad triggers like 'should I', 'what if', and 'evaluate options' without meaningful boundaries. In an agent system, this can cause overbroad activation, making the skill fire in sensitive, high-stakes, or inappropriate contexts and potentially steer users with simplistic expected-value framing where domain-specific safeguards are needed.

Vague Triggers

Medium
Confidence
73% confidence
Finding
The trigger list includes very generic phrases such as 'should I', 'what if', 'evaluate options', and 'compare alternatives', which are common in ordinary conversation and can cause the skill to activate outside its intended context. Overbroad activation increases the attack surface by routing unrelated user prompts into this skill, potentially causing inappropriate tool suggestions, accidental file/script usage, or degraded agent behavior.

VirusTotal

66/66 vendors flagged this skill as clean.
