Qa Gate

Security checks across malware telemetry and agentic risk

Overview

This QA skill is a normal review checklist, but it needs review because it claims to be read-only while also telling the agent to edit artifacts and create report files.

Install only if you are comfortable with a QA workflow that may create report files and direct the agent to edit documents or code after failures. For safer use, ask it to report findings first, require explicit approval before fixes, and avoid dual cross-model validation for sensitive content unless you understand where the content will be sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Severity: Medium
Confidence: 98%
Finding: The skill says it only inspects artifacts, but Step 4 directs the agent to fix failed artifacts and re-validate them. That turns a supposedly passive review skill into one that may alter user documents or code without clear authorization, increasing the risk of unintended or unsafe changes.

Intent-Code Divergence

Severity: High
Confidence: 98%
Finding: The skill says it only inspects artifacts, but Step 4 directs the agent to fix failed artifacts and re-validate them. That turns a supposedly passive review skill into one that may alter user documents or code without clear authorization, increasing the risk of unintended or unsafe changes.

Vague Triggers

Severity: Medium
Confidence: 92%
Finding: The trigger phrases are broad enough to match common requests like 'proofread this' or 'final check,' which can cause the skill to activate in many ordinary contexts without clear user intent. Over-broad invocation increases the chance of unexpected behavior, especially because the skill includes file-writing and possible artifact modification steps.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding: The usage guidance says the gate should run on nearly any artifact before review, making the scope overly expansive. In practice, this can cause the skill to be auto-selected for a wide range of tasks where users did not intend a potentially state-changing QA workflow.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding: The skill instructs the agent to write a validation report into the workspace but does not warn the user that files will be created. Silent filesystem writes violate the principle of least surprise and can be abused to leave artifacts, overwrite expected paths, or create compliance issues in read-only or sensitive environments.

VirusTotal

64/64 vendors flagged this skill as clean.