novel-writer

Security checks across malware telemetry and agentic risk

Overview

This is a creative-writing helper with broad activation phrases but no code execution, credential use, data access, or persistence.

Install this if you want a specialized helper for Tomato-style Chinese urban sci-fi fiction. Consider invoking it explicitly for that genre, and avoid relying on it for general writing tasks where another language, platform style, or genre should take priority.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (90% confidence)
Finding
The trigger list includes very common writing-related phrases such as '写小说', '小说创作', and '角色塑造', which can cause the skill to activate in routine conversations that did not intend to invoke this specific behavior. Over-broad auto-activation increases the chance of prompt-context hijacking or unintended instruction injection, especially in environments where multiple skills may compete for activation.

Vague Triggers

Medium (89% confidence)
Finding
The trigger list includes very broad phrases such as 小说创作, 情节设计, 角色塑造, and 小说大纲, which can match many ordinary writing requests beyond this narrowly described urban sci-fi novel skill. Over-broad routing can cause the agent to invoke this skill in inappropriate contexts, biasing outputs toward a fixed genre/style and reducing user control over task selection and instruction fidelity.

Natural-Language Policy Violations

Medium (83% confidence)
Finding
The skill content strongly fixes the role and style in Chinese/Tomato-platform context without indicating that the user can choose another language or opt out of the stylistic constraint. This can override user preferences or cause mismatched outputs, especially when the invoking request is in another language or asks for a different literary style.

VirusTotal

60/60 vendors flagged this skill as clean.
