ClawHub

Patriot A Memoir

Security checks across malware telemetry and agentic risk

Overview

This appears to be a content-only skill, but the available scan context indicates it may steer ordinary resilience requests into high-risk political action guidance without enough scoping or safety framing.

Review carefully before installing. This does not appear to be malware or a technical compromise risk, but it may deliver politically charged and potentially risky real-world action guidance from broad emotional prompts. Install only if you explicitly want that framing, and avoid using it as legal, security, crisis, workplace, or mental-health advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
This section goes beyond memoir-inspired resilience or courage framing and gives operational political mobilization guidance, including strategic use of elections to weaken an adversary. In an agent skill, that can be repurposed as actionable persuasion or movement-building advice, which materially increases misuse risk compared with reflective biographical content.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
This content provides a concrete propaganda/investigation playbook: spectacle-first framing, narrative construction, naming targets, and explicit calls to action. Even if presented as historical analysis, the imperative phrasing makes it directly usable as operational guidance for adversarial influence activity rather than memoir-based inspiration.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
These lines explicitly teach targeted voter-direction tactics by instructing supporters to back specific candidates based on district-level strategic advantage. In the context of a memoir-guidance skill, this is especially dangerous because it introduces concrete election-influence mechanics unrelated to emotional resilience, enabling tailored political mobilization.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrases are very broad and written as common first-person statements about fear, hope, pressure, and speaking out, which makes accidental invocation likely in ordinary conversations. In this skill’s context, accidental routing is more dangerous than usual because the content pushes users toward political resistance, sacrifice, and endurance under repression, potentially steering vulnerable users into high-risk advice without clear intent or safety framing.

Missing User Warnings

High
Confidence
97% confidence
Finding
The description does not warn users that the skill centers on political opposition, imprisonment, assassination attempts, martyrdom, and acceptance of severe personal harm. That omission is dangerous because users may receive psychologically intense or operationally risky guidance framed as general courage or resilience advice, without informed consent or guardrails for crisis, self-harm, coercion, or real-world retaliation risks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The referenced section explicitly instructs users to take potentially hazardous real-world actions such as exposing tolerated lies, acting on convictions despite consequences, and psychologically rehearsing worst-case outcomes, but provides no safety qualifiers, legal/ethical boundaries, or advice to assess retaliation risk. In this skill’s context—focused on resistance, sacrifice, and speaking against unjust systems—the lack of caution increases the chance that vulnerable users interpret the content as encouragement to take unsafe political, workplace, or interpersonal actions.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal