ClawHub

get QA pairs from text or session

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill for turning chats or documents into Q&A and preference summaries, with a real privacy consideration around full-chat extraction but no hidden execution or exfiltration behavior.

Install this only if you are comfortable with the agent summarizing full conversations or uploaded documents into reusable Q&A and preference records. For private chats, ask it to process a specific excerpt or document and review the output before saving or sharing it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger description is very broad and matches common requests like summarizing a conversation, extracting decisions, or making flashcards. That can cause the skill to activate in situations where the user did not clearly intend a full conversation-wide extraction, increasing the chance of over-collection and disclosure of prior chat content.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs extraction of inferred preferences from the full conversation but does not warn the user that it may analyze earlier messages and derive profile-like information from them. This undermines informed consent and can surprise users by surfacing sensitive preferences or decisions they did not expect to be compiled.

Ssd 3

Medium
Confidence
96% confidence
Finding
The skill is designed to scan the current chat session and transform it into reusable Q&A and preference summaries, which creates a direct path for broad disclosure of previously shared user information. Because it emphasizes extracting 'every' exchange and implied preferences, it may reveal sensitive content that is not necessary for the immediate request.

Ssd 3

Medium
Confidence
97% confidence
Finding
The workflow and tips explicitly direct scanning from the first message and compiling all Q&A exchanges and inferred preferences, encouraging full-session retention and re-exposure in a structured output. In context, this is more dangerous because the skill's purpose is to convert conversational history into a reusable knowledge base, increasing persistence and visibility of potentially sensitive user data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal