Prompting

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only prompt-engineering skill with disclosed local memory, but users should avoid storing sensitive samples or corrections in it.

Install only if you are comfortable with the agent maintaining local prompt memory in ~/prompting/. Keep secrets, regulated data, proprietary writing samples, and sensitive personal details out of memory.md and history.md, and periodically inspect or delete those files if you do not want old preferences or corrections reused.
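The audit the paragraph above asks for (inspect memory.md and history.md for secrets and identifying data, and trim old corrections) can be scripted. The following is an added example, not part of the skill or of the scanner output on this page; the ~/prompting/ directory and the two file names come from the page, while the regular expressions, the "## " entry convention used for history.md, and the sample contents are assumptions chosen for illustration.

```python
"""Audit the prompt-memory files a skill keeps under ~/prompting/ (path from the page).

scan_text   - find secret-like or identifying content line by line
redact      - replace such content with a placeholder before it is persisted
prune_history - keep only the most recent N corrections in history.md
"""
import re
from pathlib import Path

# Assumed patterns for content that should never land in prompt memory.
SENSITIVE_PATTERNS = {
    # AWS access key id, GitHub personal token, OpenAI-style key
    "api_key": re.compile(r"\b(?:AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{36}|sk-[A-Za-z0-9]{20,})\b"),
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "secret_assignment": re.compile(r"(?i)\b(?:password|passwd|secret|token|api[_-]?key)\s*[:=]\s*\S+"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}

# Constructed sample of a memory.md with two things that should not be there.
SAMPLE_MEMORY = """# memory.md (constructed sample)
- Voice: short sentences, no exclamation marks
- Target model: claude-3
- Contact reviewer at jane.doe@example.com before publishing
- Use API key sk-abcdefghijklmnopqrstuvwxyz123456 for the eval harness
"""

# Constructed sample of a history.md; entries are assumed to start with "## ".
SAMPLE_HISTORY = """# history.md (constructed sample)
## 2024-03-01 draft release notes
Correction: avoid passive voice.
## 2024-03-02 onboarding email
Correction: shorter subject line.
## 2024-03-03 incident summary
Correction: lead with impact.
"""


def scan_text(text):
    """Return a list of {line, kind, match} for every sensitive hit, in line order."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in SENSITIVE_PATTERNS.items():
            for m in pattern.finditer(line):
                findings.append({"line": line_no, "kind": kind, "match": m.group(0)})
    return findings


def redact(text):
    """Replace every sensitive hit with a [REDACTED:<kind>] placeholder."""
    for kind, pattern in SENSITIVE_PATTERNS.items():
        text = pattern.sub(f"[REDACTED:{kind}]", text)
    return text


def prune_history(text, keep_last=20):
    """Keep the preamble plus only the last keep_last '## ' entries of history.md."""
    preamble, entries, current = [], [], None
    for line in text.splitlines(keepends=True):
        if line.startswith("## "):
            if current is not None:
                entries.append("".join(current))
            current = [line]
        elif current is None:
            preamble.append(line)          # text before the first entry is always kept
        else:
            current.append(line)
    if current is not None:
        entries.append("".join(current))
    return "".join(preamble) + "".join(entries[-keep_last:])


def audit_memory_dir(base=None):
    """Scan memory.md and history.md under base (default ~/prompting/); missing files are skipped."""
    base = Path(base) if base else Path.home() / "prompting"
    report = {}
    for name in ("memory.md", "history.md"):
        path = base / name
        if path.is_file():
            report[name] = scan_text(path.read_text(encoding="utf-8", errors="replace"))
    return report


if __name__ == "__main__":
    for fname, findings in audit_memory_dir().items():
        for f in findings:
            print(f"{fname}:{f['line']}: {f['kind']}: {f['match']}")
```

Run it before and after a session to see what the skill has written to disk; `redact` is the hook to apply when a sample is copied into memory.md, and `prune_history` bounds how much of a corrections profile can accumulate over time.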

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • System Prompt Leakage: Direct Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill explicitly instructs persistent storage of prompt patterns, user voice/preferences, and prompt history in a home-directory location, but provides no notice, consent flow, retention limits, or guidance on handling sensitive content. This can lead to silent collection of personal writing traits, behavioral preferences, and prior interactions that may contain confidential or regulated data.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The guidance to extract patterns from writing samples and apply them consistently implies retention and reuse of potentially sensitive user-authored text, yet it omits any warning that writing samples may contain personal, proprietary, or identifying information. Because voice-preservation is a core function of this skill, the context makes the issue more concerning: it encourages storing exactly the kind of data that can reveal identity and private preferences.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The memory persistence section instructs the agent to store user style preferences, target models, and past corrections across sessions without clearly informing the user that cross-session memory is being maintained. Silent persistence increases privacy risk because users may reasonably expect prompt-tuning assistance to be session-scoped, while stored corrections and preferences can accumulate into a detailed profile over time.

Missing User Warnings

Severity: Low
Confidence: 93%
Finding
The template explicitly instructs storing persistent user preferences, voice patterns, and a corrections log, which creates a privacy and data-retention risk if users are not informed and no minimization or deletion guidance is provided. In a prompting skill, this is somewhat contextual and expected for personalization, but it still increases the chance of unnecessary retention of sensitive user data or writing identifiable content to disk.

Ssd 1

Severity: Medium
Confidence: 95%
Finding
The guidance explicitly states that constraints placed in a user message can override a system prompt, which normalizes prompt-priority bypassing as a technique. In an agent skill about prompt construction, this increases the chance that users will intentionally or accidentally craft prompts to defeat higher-priority safety, policy, or tool-use controls.

VirusTotal

66/66 vendors flagged this skill as clean.