ClawHub

The Hundred Years' War on Palestine: A History of Settler Colonialism and Resistance, 1917–2017

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, text-only history skill with no executable code or data access, though users should know it presents a specific Palestinian/Khalidi framing and may activate on broad topic terms.

Install this if you want a guided summary of Khalidi's book and its Palestinian settler-colonial framework. For neutral research or debate preparation, compare it with other historical perspectives, and be aware that broad topic mentions may invoke this skill's framing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list is extremely broad and includes many common topical terms such as 'Palestine,' 'Gaza,' 'Jerusalem,' and 'occupation,' which can cause the skill to activate in conversations where the user did not intend to invoke this specific book-framed perspective. In a politically sensitive domain, unintended invocation can bias responses, override user intent, and create prompt-routing conflicts with other skills or general-purpose assistant behavior.

Vague Triggers

Low
Confidence
83% confidence
Finding
The instruction to proactively present the Quick Start when the user 'just installed this skill' or 'doesn't know how to start' is ambiguous and may cause unsolicited behavior without a clear user request to use this skill. While not directly enabling code execution or data theft, it can lead to unwanted activation and response hijacking, especially when the assistant is expected to remain neutral until the user chooses a tool.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal