ClawHub

Everyday Help Activator

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it asks the agent to keep ongoing local records about real people and their reactions without privacy limits.

Install only if you are comfortable with the agent keeping local notes about real-world interactions. Avoid names, unique descriptors, exact locations, schedules, contact details, or private conversation history; prefer anonymous aggregate notes such as which request phrasing worked, and delete logs regularly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs creation of per-person relationship files keyed by name or type and to update them over time. That exceeds the stated purpose of giving momentary scripts for small favors and creates unnecessary profiling of identifiable third parties, which can expose private behavioral data and normalize covert relationship tracking.

Description-Behavior Mismatch

Low
Confidence
88% confidence
Finding
The skill is presented as a lightweight real-world scripting aid, but the instructions expand into ongoing recordkeeping and relationship management. This mismatch increases the chance that users or agents will collect and retain more third-party data than is reasonably necessary for the advertised function.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill tells the agent to log successful activations with details about person type, ask, outcome, script used, reaction, and reciprocity without any privacy notice or minimization guidance. In context, this creates an unnecessary dossier of third-party interactions from routine real-world encounters, increasing privacy and misuse risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
Creating `relationship-[name-or-type].md` files encourages persistent storage of identifiable information about neighbors, cashiers, and other real people with no consent, warning, or retention limit. Because the skill concerns influencing recurring social interactions, the context makes this more concerning: it supports manipulation and tracking of specific individuals over time.

Ssd 3

Medium
Confidence
93% confidence
Finding
The instructions create a natural-language data trail about third parties, including their role, responses, and prior interactions. Even if intended for benign social effectiveness, collecting this information about strangers and regular contacts can be repurposed for profiling, targeted manipulation, or unauthorized sharing if the filesystem is accessed by others.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal