ClawHub

Benefits Navigator

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate benefits-help guide, but it asks the agent to store and remind on sensitive benefits, income, household, and health-related details without clear consent or deletion controls.

Review before installing. Use this only if you are comfortable with local files and calendar reminders about benefits activity. Ask the agent to keep screening in-session unless you explicitly request saving, use generic reminder names, avoid storing Social Security numbers, bank details, medical specifics, or confirmation numbers, and delete tracker files when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill is presented as an informational benefits guide, but it instructs the agent to create local screening files containing household size, income, state, and benefits eligibility data. That is a material expansion from guidance into data collection and persistence of sensitive personal information, increasing privacy and security risk if the host device, account, or agent workspace is accessed by others.

Description-Behavior Mismatch

Medium
Confidence
74% confidence
Finding
The skill is described as entirely US-specific, yet it instructs the agent to research and substitute foreign-country programs. This broadens scope beyond the advertised domain and can cause the agent to provide unsupported or inaccurate benefits guidance in other jurisdictions, especially where eligibility rules are complex and fast-changing.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The skill directs the agent to save sensitive household and benefits screening data to the filesystem, including income, location, and special circumstances. This creates a high-risk local record of socioeconomic and potentially health-related information without any stated need for strong protection, consent, access controls, or deletion, making disclosure or misuse more likely.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
Calendar reminder creation for benefits follow-up and recertification turns a reference skill into an ongoing task-management system that persists sensitive case metadata over time. Reminder titles, notes, and dates can reveal benefit applications, disability status, unemployment, or other hardship information to anyone with access to the calendar or notifications.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill instructs the agent to save highly sensitive screening information locally without warning the user that their income, household composition, state, and hardship-related details will be retained. Lack of transparency removes the user's ability to make an informed choice about storage of sensitive personal data.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill tells the agent to track applications and set reminders for benefits cases without disclosing that sensitive benefits participation data will be persisted. This can expose private financial, family, health, or disability-related information through local files and calendar artifacts, especially on shared systems.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The instruction to create a master tracking document centralizes identity and benefits-case data in one place without any warning about retention. A single file containing application statuses, documents, and deadlines can become a sensitive dossier useful for profiling, discrimination, or social engineering if exposed.

Missing User Warnings

High
Confidence
99% confidence
Finding
The persisted agent state includes highly sensitive household, income, dependent, disability-document, and benefits application information with no user warning or consent flow. Because this state is designed to persist across sessions, it creates an ongoing privacy and confidentiality risk far beyond what users would reasonably expect from a benefits information guide.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal