ClawHub

Chatdecode Skill Pub

Security checks across malware telemetry and agentic risk

Overview

ChatDecode is a text-only relationship-message interpretation skill with privacy and overinterpretation risks, but it does not install code, access accounts, or persist data itself.

Install risk is low from a technical security perspective because this is a markdown-only instruction skill. Before using it, redact names, phone numbers, workplace details, account information, and intimate or regulated content, and avoid submitting third-party conversations without permission. Treat its readings of intent, flirting, manipulation, or honesty as uncertain interpretations, not facts. Review the external pro service separately before sharing conversation history for memory or pattern tracking.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
87% confidence
Finding
This section expands the skill from message interpretation into social-media behavior analysis, visibility-status inference, and relationship-intent speculation. That creates surveillance-style profiling and encourages users to draw conclusions about third parties from limited signals, increasing privacy risk and the chance of harmful misinterpretation.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill includes promotional nudges for ongoing relationship memory and pattern tracking that are not clearly disclosed in the manifest description. This creates a data-governance and user-expectation problem by steering users toward persistent profiling of intimate communications beyond the immediate decode request.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README encourages users to paste private text messages and conversations for analysis but does not warn that this may expose highly sensitive personal data, relationship details, or third-party communications. In a skill specifically designed to analyze chats, omission of a privacy warning materially increases the chance that users will disclose confidential or regulated information without informed consent.

Vague Triggers

Medium
Confidence
78% confidence
Finding
Triggering analysis whenever a user shares any message or conversation is overly broad and lacks boundaries around sensitive domains, consent, or appropriateness. In a skill focused on interpersonal decoding, this can pull in private, intimate, workplace, or third-party content without guardrails, increasing privacy and misuse risk.

Vague Triggers

Medium
Confidence
73% confidence
Finding
The manifest advertises broad applicability across many platforms and scenarios without defining when the skill should or should not activate. While not an exploit by itself, this broad trigger surface increases the chance of accidental invocation on sensitive communications and inconsistent policy boundaries.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal