ClawHub

Job Shadow Risk Assessor

Security checks across malware telemetry and agentic risk

Overview

This skill is job-loss preparation advice, but it asks the agent to take or prompt sensitive financial and workplace actions with weak safeguards.

Review before installing. Use only on a personal device, do not let the agent open bank accounts, change payroll, alter calendars, send messages, or retain employer emails automatically, and avoid storing confidential workplace or financial details unless you deliberately choose a safe location.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The skill instructs the agent to open a savings account and automate paycheck transfers, which is a real-world financial action far outside the declared filesystem-only capability. That mismatch is dangerous because it normalizes high-risk financial-account management without explicit tool authorization, consent checkpoints, or safety boundaries, and could lead users to over-delegate sensitive banking decisions.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The instruction to block daily calendar time expands the skill into calendar management even though the metadata declares only filesystem access. This capability creep is risky because it encourages the agent to take operational actions in workplace systems that may affect the user's visibility, schedule, and employer-monitored activity without proper authorization or disclosure.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
Telling the agent to identify coworkers, send messages, and preserve email threads introduces outbound communications and workplace-record handling beyond the declared scope. In this context, that is particularly sensitive because the skill is designed to operate 'quietly' and avoid detection, which increases the risk of privacy violations, policy breaches, and manipulative or deceptive workplace behavior.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger conditions are broad and anxiety-driven, such as sensing budget cuts or a boss 'going silent,' which can cause the skill to activate in many ordinary workplace situations. Because the skill then recommends covert preparation steps and sensitive data collection, vague activation criteria increase the chance of unnecessary risky behavior based on speculation rather than concrete evidence.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill directs creation of a local file containing employment-risk notes without warning that the data may be sensitive and discoverable, especially on shared or employer-managed devices. In a covert-employment context, silent persistence of this information can expose the user's concerns, strategy, and financial planning if the file is synced, monitored, or accessed by others.

Missing User Warnings

High
Confidence
99% confidence
Finding
The skill recommends opening a new savings account and automating paycheck transfers without any warning about financial risk, bank/payroll security, account ownership, or the limits of agent assistance. This is dangerous because users may infer the agent can safely operationalize financial changes, when such actions are sensitive, potentially irreversible, and inappropriate for a skill with no declared financial tooling.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
Encouraging users to save internal emails and prepare severance materials without warning about privacy, employer policy, or device-safety risks can prompt mishandling of confidential workplace information. The surrounding 'silent' and 'hidden' framing makes this more concerning because it nudges users toward covert retention of potentially sensitive records without legal or policy safeguards.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal