Prediction

Security checks across malware telemetry and agentic risk

Overview

This forecasting skill is coherent and disclosed: it keeps optional local forecast notes, asks for no credentials, and does not send data anywhere by default.

Install this if you want recurring local forecast memory. Choose explicit-request activation if you do not want it to engage in adjacent planning conversations, and review or delete ~/prediction if old forecasts, assumptions, or preferences should stop influencing future answers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 82%
Finding
The instruction to keep gathering preferences 'naturally while answering' is underspecified and can encourage incremental collection of user traits beyond what is necessary for a forecasting task. In a memory-oriented skill, that ambiguity increases the risk of excessive profiling or retention of personal preferences without clear consent boundaries or minimization rules.

Missing User Warnings

Medium
Confidence: 88%
Finding
Directing the agent to create files in `~/prediction/` implies local filesystem writes in the user's home directory without an explicit notice, confirmation step, or safer sandboxed location. Even though the files are benign templates, silent persistence on a user's device can violate user expectations and create privacy or integrity risks if the agent writes without clear authorization.

Vague Triggers

Medium
Confidence: 91%
Finding
The setup directs the skill to activate on broad phrases like 'what is likely' or 'what will happen,' which can overlap with ordinary conversation and cause the forecasting skill to engage without clear user intent. In an agent system, overly broad activation criteria can misroute requests, override more appropriate skills, and create persistent behavior that the user did not explicitly authorize.

VirusTotal

46/46 vendors flagged this skill as clean.
