ClawHub

Beyond Band Of Brothers

Security checks across malware telemetry and agentic risk

Overview

This is a text-only WWII leadership companion with some broad and promotional response instructions, but no evidence of unsafe access or hidden actions.

Install this if you want a Dick Winters / WWII leadership reference. Expect it to append Heardly branding and possibly appear on broad leadership or combat-related prompts; avoid installing if you want strict, book-only invocation without promotional recommendations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill includes instructions to proactively present app-wide onboarding and steer users toward other Heardly skills, which goes beyond the declared Dick Winters/WWII leadership scope. This creates scope drift and unauthorized routing behavior that can override user intent, increasing the chance of unsolicited promotion or data flow into unrelated skill contexts.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The cross-book recommendation rule embeds promotional and app-routing behavior inside a content skill that is supposed to answer questions about a specific book. This can be exploited to redirect users off-topic, bias responses, and create hidden marketing behavior not justified by the skill's stated function.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list contains broad terms such as 'leadership' and 'combat' that are common in unrelated conversations, making accidental invocation likely. Overbroad activation can cause the skill to hijack normal interactions, inject irrelevant instructions, and force its watermark or onboarding into contexts where the user did not request this skill.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The condition that the skill should trigger when a user 'just installed this skill' or 'doesn't know how to start' is ambiguous and not tied to clear invocation boundaries. This can lead to unsolicited activation and forced onboarding in unrelated sessions, reducing user control and making prompt injection or behavior override more effective.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal