ClawHub

WordPress Article Publisher

Security checks across malware telemetry and agentic risk

Overview

This appears to be an unfinished WordPress publishing skill with no hidden code, but it lacks the instructions and safeguards expected for a tool that may affect public website content.

Treat this as an unfinished skill. Do not give it WordPress credentials or rely on it to create, edit, or publish posts until the author replaces the template with a clear workflow covering authentication scope, draft/review defaults, explicit confirmation before publishing, and recovery steps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The skill metadata leaves the description and activation guidance as TODO placeholders, so the agent lacks clear boundaries for when this skill should be invoked. Ambiguous invocation scope can cause the skill to trigger in unintended contexts, increasing the chance of unsafe automation or misuse, especially for publishing-related actions that may affect external systems like WordPress.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The unfinished Overview section means the skill does not explain what it enables, what systems it touches, or what safety expectations govern its use. In a publishing skill, missing operational context can lead an agent to perform content creation or publication steps without appropriate validation, review, or user intent confirmation.

Vague Triggers

Low
Confidence
91% confidence
Finding
The file still contains scaffolding/template instructions instead of a finalized skill structure, so there are no concrete procedures, constraints, or guardrails for the agent to follow. While this is less directly exploitable than embedded malicious instructions, it creates an underspecified skill that may be invoked or interpreted inconsistently, weakening safety controls.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal