ClawHub

Zown Gemini Governor

Security checks across malware telemetry and agentic risk

Overview

The skill has a coherent rate-limit-management purpose, but it tells agents to make persistent context-file changes and run an unprovided local script without clear user control.

Review before installing. Only use this skill if you are comfortable with an agent modifying memory or identity files, and do not allow `scripts/cooldown.py` or the Gemini CLI to run unless you have inspected the exact local command and explicitly approved any data it may access or send.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The skill is framed for broad use in "heavy engineering tasks, multi-step code generation, or when encountering 429" without tight activation criteria, so it may be invoked in many normal workflows and unnecessarily alter agent behavior. In context, that matters because the skill also directs aggressive context pruning and prescriptive execution habits, increasing the chance of harmful side effects such as loss of important instructions, memory corruption, or inappropriate command use.

Natural-Language Policy Violations

Low
Confidence
88% confidence
Finding
The instruction to use the `gemini` CLI "where possible" pushes the agent toward a specific external tool path without user choice, approval, or safety constraints. In this skill's context, that is more dangerous because it is paired with operational directives that can change execution flow and may cause unreviewed data to be sent through a CLI, bypassing normal session controls or audit expectations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal