SaaS Idea Scout

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for SaaS idea research, but it asks for background orchestration and file-writing authority that is not clearly bounded.

Install only if you are comfortable with the skill creating local run files, launching sub-agents, running shell checks, and temporarily using a watchdog. Before use, require an explicit confirmation step, keep outputs inside a dedicated directory, and avoid letting task briefs control arbitrary file paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence: 83%
Finding
The trigger phrases are broad enough to match ordinary brainstorming requests, which can cause the skill to activate unexpectedly and start a heavy multi-agent workflow. In context, that matters because the skill performs local file creation, spawns many sub-agents, and sets up a cron watchdog, so accidental invocation can consume resources and perform side effects the user did not clearly intend.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill directs the agent to create local files, run repeated shell-based verification commands, and manage a cron watchdog without clearly warning the user up front about these local side effects. In this skill's context, that increases risk because routine ideation requests may unexpectedly result in persistent filesystem artifacts and background orchestration behavior.

Missing User Warnings

Medium
Confidence: 93%
Finding
The instruction tells the agent to write the complete PRD to an output file path supplied in the task brief, but it provides no restriction that the path must be confined to a safe workspace or that existing files must not be overwritten. If an attacker or malformed upstream task controls that path, the agent could overwrite arbitrary project files, prompts, configs, or other sensitive artifacts, causing integrity damage and potentially enabling follow-on compromise.

VirusTotal

63/63 vendors flagged this skill as clean.
