Theme Statement Lock

Security checks across malware telemetry and agentic risk

Overview

This is a story-planning skill that records a theme statement and does not show hidden execution, credential access, network use, or destructive behavior.

Install this if you want a structured story-development gate. Before using it in a shared repository, make sure you are comfortable with it creating theme-lock.md and updating planning or todo state in the active project.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger list is broad and lacks explicit exclusion criteria, so the skill may activate in contexts where the user only mentions related concepts rather than requesting this workflow. Unintended invocation can cause the agent to impose a mandatory gating process and alter the user’s workflow unexpectedly, which is a real safety and usability issue even if not overtly malicious.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill directs the agent to create `theme-lock.md` in the project root without requiring user notice or consent. Silent file creation modifies user data and repository state, which can be harmful in managed workspaces, automated pipelines, or collaborative projects where unexpected files may trigger downstream effects.

Missing User Warnings

Low
Confidence: 95%
Finding
The instruction to mark the todo list as completed modifies project/task state without informing the user. While lower impact than file creation, it can still corrupt planning records, create false progress signals, or interfere with integrations that depend on task status.

VirusTotal

62/62 vendors flagged this skill as clean.
