Lofy Projects

Security checks across malware telemetry and agentic risk

Overview

This project-management skill is mostly coherent, but it needs review because it can persist project changes and proactively send meeting prep from broad conversational triggers.

Install only if you are comfortable with the agent reading and modifying a local project tracker. For safer use, add a personal rule requiring explicit confirmation before any JSON write or meeting-prep send, with a visible summary of the proposed change and the destination before anything is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 92%
Finding
The skill description is broad enough to match many ordinary project- or work-related conversations, which can cause unintended activation. In this skill, unintended activation is more risky because the instructions direct the agent to read and then update a persistent project data file, so a casual discussion could trigger stateful changes without clear user intent.

Vague Triggers

Medium
Confidence: 89%
Finding
The condition 'When a meeting is detected' is ambiguous and can fire on incidental mentions of meetings rather than a clear request for meeting-prep behavior. Because the workflow includes pulling logs, listing blockers, generating questions, and proactively sending prep, ambiguous activation can expose sensitive project context or cause unsolicited actions.

Missing User Warnings

Medium
Confidence: 95%
Finding
The instructions say to always read the project file and update JSON after any project conversation, but the skill does not clearly warn the user that ordinary conversation can result in persistent data modification. In context, this is particularly dangerous because project records may contain deadlines, blockers, time logs, and academic information, so silent writes can corrupt data or create privacy surprises.

Missing User Warnings

Medium
Confidence: 93%
Finding
The instruction to 'Send prep 2 hours before' introduces proactive behavior without a user warning or clear consent model. In a project-management context, this can lead to unsolicited notifications or disclosure of project status, blockers, and meeting content at times or in channels the user did not intend.

VirusTotal

66/66 vendors flagged this skill as clean.
