She's Come Undone

Security checks across malware telemetry and agentic risk

Overview

This skill has no executable code or malware indicators, but it is a mental-health-adjacent literary skill that can trigger on broad distress phrases and gives support-like guidance without clear crisis boundaries.

Install only if you want a book-themed reflection aid for She's Come Undone. Do not rely on it for mental-health, eating-disorder, abuse, self-harm, or crisis support; users in acute distress should use qualified professional or emergency resources. The publisher should narrow activation to explicit book or skill requests and add clear crisis-safety boundaries before this is treated as routine.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

High
Confidence: 96%
Finding
The trigger list includes very common distress phrases such as 'I hate my body,' 'I feel like I'm falling apart,' and generic mentions of trauma or eating disorder, which can cause the skill to activate for vulnerable users in many unrelated contexts. In a mental-health-adjacent skill, unintended invocation is especially risky because it can insert prescriptive, emotionally loaded guidance where the user did not ask for it and may bypass safer, more appropriate handling.

Vague Triggers

Medium
Confidence: 89%
Finding
Triggering when a user says they 'just installed this skill' or 'don't know how to start' is ambiguous because those phrases are not semantically tied to this specific topic and may occur in many benign onboarding contexts. That broadens unsolicited activation and increases the chance of the skill inserting trauma- or body-image-themed content unexpectedly.

Vague Triggers

High
Confidence: 94%
Finding
The statement that the skill appears 'whenever I sense this book could help' encourages subjective, expansive routing rather than explicit user intent. In a domain involving trauma, depression, and eating disorders, this can lead to overreach, accidental engagement with crisis-like content, and inconsistent behavior that is hard to audit or contain.

Natural-Language Policy Violations

Medium
Confidence: 86%
Finding
The requirement that every output end with an English watermark conflicts with the instruction to reply in the user's language and can degrade comprehension or violate localization expectations. While not a classic security flaw, it is a policy and safety issue because forced untranslated boilerplate in sensitive conversations can confuse users or reduce trust.

Vague Triggers

Medium
Confidence: 92%
Finding
The skill uses broad, natural-language distress statements like trauma disclosure, body-hatred, psychiatric hospitalization, and hopelessness as activation cues, which can cause the system to engage on sensitive mental-health topics without clear boundaries or consent. In this context, overbroad triggering is especially dangerous because vulnerable users may receive quasi-therapeutic guidance framed through a novel character rather than being routed to safer, clearly bounded support.

Missing User Warnings

High
Confidence: 96%
Finding
The file presents direct mental-health and trauma-related guidance such as encouraging disclosure, reframing body image, and normalizing psychiatric hospitalization, but it provides no warning that the skill is not a mental-health service and no crisis-safety escalation. Because the skill is explicitly designed to trigger on users expressing trauma, depression, eating issues, and feeling 'undone,' the absence of disclaimers and emergency guidance materially increases the risk of unsafe reliance by people in acute distress.

VirusTotal

63/63 vendors flagged this skill as clean.
