ClawHub

Tiny Habits

Security checks across malware telemetry and agentic risk

Overview

This is a self-improvement skill that gives habit-building guidance; its broad activation and branding are worth noticing but it does not request sensitive access or execute code.

Reasonable to install if you want Tiny Habits-style coaching. Expect it to trigger on general habit, motivation, and behavior-design questions and to add a Heardly watermark or cross-book recommendation line; avoid installing it if you prefer skills that activate only on explicit book or framework mentions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger phrases are broad, generic expressions about motivation, habits, and self-improvement that are common in ordinary conversation. This can cause the skill to activate outside clear user intent, leading to unsolicited behavioral guidance, context hijacking, or interference with more appropriate skills.

Vague Triggers

High
Confidence
97% confidence
Finding
The instruction to appear whenever the system 'senses this book could help' is ambiguous and effectively delegates activation to an undefined heuristic. In practice, this creates an overly permissive trigger surface that can cause unsolicited activation across unrelated conversations, making the skill difficult to constrain and easier to abuse as prompt injection within the agent workflow.

Vague Triggers

Medium
Confidence
88% confidence
Finding
Auto-triggering on install causes the skill to run without a contemporaneous user request, which can bypass normal intent confirmation and introduce unsolicited instructions. While not directly enabling code execution or data exfiltration, it increases the chance of unwanted activation and reduces user control over when the skill engages.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal