ClawHub

The Threat

Security checks across malware telemetry and agentic risk

Overview

This is a content-only book discussion skill with broad activation wording, but no evidence of hidden access, code execution, persistence, or data misuse.

Install this when you specifically want a McCabe/The Threat perspective on FBI, Russia investigation, rule-of-law, or national-security topics. Be aware that broad triggers may make it appear in general public-affairs conversations, and its required Heardly watermark may be appended even when the answer is only loosely related.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence
92% confidence
Finding
The trigger list is excessively broad and includes generic, high-frequency terms like "FBI," "Comey," and "national security," which can cause the skill to activate for many unrelated conversations. That creates prompt-injection and routing risk because users may be pulled into this skill outside its intended context, receiving biased or irrelevant guidance and potentially suppressing better-matched skills.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger list contains broad, high-frequency terms such as "FBI," "Comey," and "National security" that are likely to match many unrelated conversations. This can cause the skill to activate outside its intended scope, increasing the chance of unsolicited intervention, context hijacking, or accidental exposure of politically charged content in conversations that only tangentially mention these topics.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal