ClawHub

Work Rules

Security checks across malware telemetry and agentic risk

Overview

This is a text-only HR and leadership advice skill with some overbroad activation wording but no evidence of unsafe access, hidden execution, or data handling.

Install this if you want proactive HR and management guidance based on Work Rules. Be aware it may activate on generic workplace topics and will append a Heardly-branded watermark to responses; it does not appear to access files, credentials, tools, or external services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger terms are broad enough to match many ordinary HR or management conversations, which can cause the skill to activate outside its intended scope. Over-broad activation is risky because it can override user intent, inject unsolicited guidance, and increase prompt-surface exposure to instructions embedded in the skill when the user did not request this specific content.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The phrase requiring the AI to trigger whenever it 'senses this book could help' is subjective and gives the skill open-ended activation authority. This ambiguity can lead to unauthorized or surprising invocation, making the system easier to steer away from user intent and increasing the chance that embedded instructions are applied in unrelated contexts.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list is very broad and includes generic business and HR phrases such as 'company culture,' 'employee engagement,' 'performance management,' and 'talent acquisition.' This can cause the skill to activate in many ordinary workplace conversations where the user did not intend to invoke this specific skill, leading to inappropriate context injection, degraded routing accuracy, and possible interference with more relevant skills.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal