Geo Poison Detector

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed product-recommendation safety checker that uses a small local script and optional webpage fetching for user-requested URL checks.

Install this if you want product recommendations and product-related articles annotated with heuristic risk checks. Avoid sending private or sensitive URLs for analysis, and treat the generated verdicts as prompts for manual verification rather than proof that a product is safe or fake.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium. Confidence: 84%.

Finding:
The auto-trigger condition applies whenever the agent is 'about to recommend a specific product or brand,' which is broad enough to activate in many normal conversations. Overbroad triggering can cause unintended network access, irrelevant policy injection, or user confusion by modifying responses even when no explicit check was requested.

Vague Triggers

Severity: Medium. Confidence: 80%.

Finding:
The quick-check trigger list includes a catch-all phrase covering 'any message asking to verify a specific product by name,' which is subjective and hard to bound. Ambiguous triggers increase the chance of accidental invocation, leading to unnecessary processing, unexpected external lookups, or inconsistent agent behavior.

Vague Triggers

Severity: Medium. Confidence: 86%.

Finding:
The URL-analysis trigger allows activation based on broad source/domain conditions rather than clear user intent, and then instructs use of `web_fetch`. This can lead to unsolicited retrieval of external content, which raises privacy, consent, and SSRF-style policy concerns in systems that let agents fetch arbitrary URLs.

VirusTotal

66/66 vendors flagged this skill as clean.