Ad Copy Writer

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed ad-copy helper that uses a WeryAI API key to generate marketing text, with no evidence of hidden persistence, destructive behavior, or credential theft.

Install only if you trust WeryAI with the product briefs, campaign details, source copy, prompts, and API-key-funded usage you submit. Use dry-run to inspect payloads, avoid confidential or regulated business data unless WeryAI is approved for it, and keep WERYAI_BASE_URL unset or pointed only at a trusted WeryAI-compatible endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
This file exposes a generic model-enumeration capability by calling /v1/chat/models and returning the full filtered model list, which goes beyond the stated ad-copy-writer purpose of generating marketing text. In an agent setting, this kind of scope expansion can aid capability discovery, provider fingerprinting, and unauthorized workflow composition, especially if downstream policy relies on the skill manifest to constrain behavior.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase 'Write 5 ad copy variations for a productivity app launch' is broad natural language that can overlap with ordinary writing requests, increasing the chance the skill activates when the user did not explicitly intend to invoke it. In an agent environment, over-broad triggering can route unrelated content into a persuasive-copy skill, causing misexecution, a larger prompt-hijacking surface, and unintended handling of user data.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger 'Turn this product brief into landing page copy with a stronger CTA' is ambiguous because rewriting a brief into polished copy is a common general writing task, yet this test marks it as sufficient to activate the skill. That broad match can make the skill capture adjacent drafting requests outside its intended scope, leading to incorrect tool selection and making it easier for adversarial phrasing to steer agent behavior through seemingly ordinary requests.

VirusTotal

59/59 vendors flagged this skill as clean.
