ClawHub

Writing

Security checks across malware telemetry and agentic risk

Overview

This skill is a local writing assistant that remembers style preferences, with some broad activation wording users should configure carefully.

Install this only if you want the assistant to remember writing-style preferences locally. During setup, choose on-request activation if you do not want proactive writing help, review ~/writing/memory.md periodically, and ask the assistant to forget or clear stored style preferences when you no longer want them retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill auto-activates on very common writing-related phrases, which can cause it to engage unexpectedly in broad contexts. This increases the chance of unrequested behavior, including loading or applying persistent memory when the user did not explicitly ask for the writing skill.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The memory-saving triggers are ambiguous and based on ordinary conversational statements, so the agent may persist inferred preferences from isolated comments without clear consent or boundaries. Over time this can poison or distort the user's stored profile and cause future responses to be manipulated by accidental, transient, or adversarially induced inputs.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The template leaves activation behavior underspecified with `integration: (when to activate — proactive/on-request/specific-contexts)`, which can cause an agent to engage memory collection or style adaptation without clear user consent boundaries. In a memory-bearing writing skill, ambiguous triggers increase the chance of overcollection, unexpected persistence, or use of stored preferences in contexts the user did not intend.

Missing User Warnings

Low
Confidence
77% confidence
Finding
The file instructs creation of `~/writing` directories and `memory.md` without any user-facing notice, confirmation, or disclosure that persistent local storage will be created. While the filesystem changes are limited, silent creation of persistence infrastructure can undermine transparency and user expectations around data retention.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The instruction to 'Start the conversation naturally' because the user engaging with writing help 'implies they want assistance' creates an overly broad activation trigger. This can cause the skill to engage and begin preference-gathering or memory-related behavior without a clearly scoped user request, increasing the risk of unintended data collection or intrusive proactive behavior.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The setup directs the agent to determine when the skill should activate and suggests proactive engagement modes like helping whenever the user is writing, but it does not enforce narrow boundaries for detecting those situations. In a skill that adapts across sessions and stores style preferences, ambiguous proactive activation increases the chance of overreach, unnecessary intervention, and collection or use of writing-related context beyond what the user expected.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal