ClawHub

The First Days of School

Security checks across malware telemetry and agentic risk

Overview

This is a classroom-management guidance skill with no executable code, no data access, and only minor routing and branding concerns.

Install only if you want this skill to frame general teaching questions through The First Days of School approach. Be aware it may activate for broad education terms and add Heardly branding to responses.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger list is broad enough to match many ordinary education-related conversations, which can cause the skill to activate outside the user's intent. Over-broad routing is dangerous because it can hijack unrelated requests, suppress more relevant skills, and force book-specific framing onto general advice without clear user consent.

Vague Triggers

Low
Confidence
84% confidence
Finding
The invocation guidance encourages proactive presentation and broad triggering but does not define clear boundaries for when the skill should not activate. This creates prompt-routing ambiguity that may lead to unsolicited behavior, especially in mixed educational contexts where the user is not asking for Harry Wong-based guidance.

Natural-Language Policy Violations

Medium
Confidence
89% confidence
Finding
Mandating an English watermark and title in every response without user opt-in overrides normal response formatting and can insert irrelevant or undesired content into outputs. This is risky because it reduces user control, may conflict with platform policies or localization expectations, and can act as a persistent output-manipulation mechanism across otherwise unrelated interactions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal