ia-meta-prompting

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only prompting skill whose behavior matches its stated purpose, with disclosed output-control risks but no code execution, data access, or hidden persistence.

Install this only if you want the agent to use meta-prompting patterns that may change answer structure and verbosity. For tighter control, invoke commands explicitly instead of relying on auto-triggering, and avoid broad custom pattern definitions in sensitive sessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium, 92% confidence

Finding: The skill enables automatic invocation based on broad phrases like 'when context warrants,' which can cause reasoning modifiers to activate in routine conversations without clear user intent. In a meta-prompting skill, this is risky because it can unexpectedly alter model behavior, verbosity, and disclosure patterns in security- or decision-sensitive contexts.

Vague Triggers

Medium, 90% confidence

Finding: The pattern-specific auto-triggers, such as those for security, validation, parsing, architecture decisions, or ambiguous requirements, are vague and cover many ordinary prompts. This can lead to unintentional activation of reasoning behaviors, including more expansive analysis or answer restructuring, which increases prompt-injection exposure and makes system behavior less predictable.

Missing User Warnings

Medium, 98% confidence

Finding: The skill explicitly instructs the model to show reasoning step-by-step, including alternatives and rejected paths, without any warning or guardrail. That creates a direct risk of exposing internal reasoning or hidden deliberative content, which can leak sensitive policy behavior, make prompt attacks easier to optimize, and violate safe response practices.

Ssd 2

Medium, 99% confidence

Finding: The '/think' pattern requests chain-of-thought disclosure with accepted and rejected alternatives plus doubts after each step. This is a classic unsafe reasoning-exposure pattern because it encourages the model to externalize hidden deliberation, which can reveal internal decision mechanics and create opportunities for adversarial elicitation.

Ssd 2

Medium, 98% confidence

Finding: The '/budget' pattern asks for extended thinking space, including dead ends and reasoning pivots before the final answer, which is another form of internal reasoning disclosure. In context, this meta-prompting skill is specifically designed to modify reasoning behavior, so such instructions are more dangerous because they normalize unsafe exposure across many downstream tasks.

VirusTotal

65/65 vendors flagged this skill as clean.