ClawHub

Switzerland

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Switzerland travel-planning skill with disclosed local trip notes and no executable or network behavior.

Install only if you are comfortable with local Switzerland trip notes being kept for continuity. Avoid storing passport numbers, payment details, or other highly sensitive information in ~/switzerland/memory.md, and review or delete that file when the trip is over.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The integration rule allows activation on broad topical cues like 'Switzerland or Swiss Alps topics,' which can cause the skill to engage when the user did not explicitly request trip-planning assistance. Over-broad activation increases the chance of inappropriate context capture, unintended memory use, or the skill influencing unrelated conversations about Switzerland.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill instructs broad proactive activation on loosely related topics like mountain travel, border hops, and expensive alpine bookings, which can cause the agent to engage outside the user's intended scope. That creates a consent and context-boundary problem: the skill may influence conversations where the user did not explicitly request Switzerland-specific planning or memory behavior.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs creation of a local directory and persistence of trip notes without requiring a clear, user-facing disclosure at the time data is stored. Even though the data appears low sensitivity, travel plans can reveal location patterns, budgets, border assumptions, mobility limits, and timing details, creating a privacy risk if stored unexpectedly or retained longer than the user expects.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal