ClawHub

Panzer Leader

Security checks across malware telemetry and agentic risk

Overview

This is a content-only military history and leadership skill with some intrusive activation and branding behavior, but no hidden execution, data access, persistence, or destructive capability.

Install only if you want a Guderian/Panzer Leader themed history and leadership assistant. Expect it to activate on fairly broad military, strategy, innovation, and leadership language and to append Heardly branding; treat its advice about orders, confrontation, and wartime leadership as historical perspective, not modern legal, military, workplace, or safety guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list is broad enough to match common historical, leadership, and innovation queries that may only loosely relate to this specific skill. That can cause unintended activation and prompt hijacking, where the skill overrides a more appropriate response path or injects domain-specific framing into unrelated conversations.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The instruction to proactively trigger when a user 'just installed this skill' or 'doesn't know how to start' is underspecified and can fire in many unrelated onboarding contexts. This creates a risk of unsolicited content injection, where the skill speaks without a clear user request and may displace safer or more relevant system behavior.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The flagged passage explicitly endorses acting despite superior orders when the actor believes they have better situational awareness, and it does so without any safety, legal, or ethical guardrails. In a user-facing skill, that framing can normalize insubordination, unauthorized escalation, or bypassing oversight in real-world military, security, law-enforcement, or organizational contexts.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal