ClawHub

American Caesar

Security checks across malware telemetry and agentic risk

Overview

This is a text-only historical leadership skill about Douglas MacArthur, with no code execution or sensitive access, though it may activate on some broad leadership terms and adds a promotional footer.

Install only if you want MacArthur/American Caesar historical and leadership framing. Expect occasional overactivation on generic leadership or strategy prompts, and expect answers to include a Heardly promotional footer unless your agent chooses not to honor that formatting instruction.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The file says to use the skill when facing a 'strategic decision or a leadership challenge that involves high stakes, strong personalities, and institutional friction,' which is a very broad condition that could overlap with many ordinary discussions. It does not clearly distinguish when this skill should activate versus when a more general leadership or strategy skill should not.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The intent routing table includes short generic triggers such as 'strategy,' 'politics,' 'hubris,' and 'leadership lesson,' which are common phrases in everyday conversation and could cause unintended invocation. The file does not provide negative examples or contextual constraints to limit these triggers to MacArthur-specific discussions.

Vague Triggers

Medium
Confidence
86% confidence
Finding
Entries like 'Dismissal,' 'Hubris,' 'FDR,' and 'West Point' are not sufficiently specific on their own and may match many unrelated user requests. Because the file does not constrain these triggers to the MacArthur/book context, the activation boundary remains ambiguous.

Natural-Language Policy Violations

Low
Confidence
91% confidence
Finding
The manifest sets "language": "en", which is a natural-language locale constraint. Under the policy rules, fixed language requirements should either provide user opt-in/choice or be clearly justified as region-specific; neither is present here.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal