Quote Swarm

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent smart-home quote workflow, but it asks the agent to create persistent files in the user's home directory despite only declaring read and network permissions.

Install only if you are comfortable with the skill creating files under ~/.workbuddy/tasks and ~/WorkBuddy/quotes and potentially using external processing tools for customer floorplans or images. Prefer invoking it explicitly by name, review generated files, and avoid using sensitive customer material unless you control where outputs and network processing go.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Scope Creep

High
Confidence: 98%
Finding
The skill explicitly instructs creation of directories and multiple files under the user's home directory even though it only declares file-read permission. This creates a permission/behavior mismatch that can mislead users and orchestrators, and if the skill is invoked it would persist data and artifacts without clear authorization boundaries.

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger phrases are broad, generic business terms like '报价', '出方案', and '报价方案', which can match ordinary conversation and cause unintended invocation. Because the skill has network access and documented persistence/output behavior, accidental activation could lead to unnecessary data processing and artifact generation.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill documents creation of task state and deliverables under home-directory paths, but it does not prominently warn that directories and files will be created there. Hidden or under-disclosed persistence increases the risk of surprising side effects, privacy exposure, and accumulation of sensitive customer/project data on disk.

VirusTotal

64/64 vendors flagged this skill as clean.
