ClawHub

The Presentation Secrets Of Steve Jobs How To Be Insanely Great In Front Of Any Audience

Security checks across malware telemetry and agentic risk

Overview

This is a static presentation-coaching skill with no evidence of credential access, commands, persistence, or hidden data handling.

Install this if you want an English-language presentation and public-speaking coaching reference. Expect it to influence responses for pitches, keynotes, slide design, storytelling, and simplifying ideas; it does not appear to run code or access your data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list uses very general conditions such as needing to craft a presentation, simplify ideas, or train others on communication skills. Because the file does not define stricter invocation boundaries or negative examples, these broad phrases could match many ordinary user requests and lead to unintended skill activation.

Natural-Language Policy Violations

Low
Confidence
95% confidence
Finding
This line establishes a language-default policy that forces English whenever the user's language is unclear. The policy does not offer a user choice at ambiguity time, which can conflict with organizational expectations to avoid imposing a locale or language without opt-in.

Natural-Language Policy Violations

Low
Confidence
94% confidence
Finding
The manifest sets the skill language to "en" with no indication that users can opt into another language or that the skill is intentionally limited to an English-only context. The policy explicitly calls out language or locale constraints as violations when they are forced without user opt-in or clear justification.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal