Skills Creator — Build High-Quality OpenClaw Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly a coherent skill-building guide, but it includes advice that can make generated skills less transparent to security review.

Review generated skill text carefully before publishing. Do not follow the advice to rename uploads, public links, CDN use, or execution behavior just to avoid scanner flags; describe external transfers, credentials, commands, and publishing behavior accurately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence: 95%
Finding
The description contains broad activation language such as triggering when a user 'discusses OpenClaw/ClawHub skill development' or related structure topics. That can cause the skill to activate in loosely related conversations, increasing prompt-surface exposure and the chance that this skill overrides or interferes with more appropriate skills.

Vague Triggers

Medium
Confidence: 92%
Finding
The template instructs authors to write a skill description with broad trigger phrases like 'or discusses [topic area]' and multiple generic activation examples. This can cause overbroad skill activation, making the agent invoke the skill in unintended contexts and potentially override more appropriate behaviors or expose users to irrelevant or risky guidance.

Vague Triggers

Medium
Confidence: 90%
Finding
The checklist explicitly rewards broad trigger coverage (5+ trigger phrases) but does not require specificity, boundaries, or non-trigger examples. In a skill-creation context, this can systematically encourage over-broad activation so the skill may fire on unrelated user requests, causing inappropriate instruction injection or interference with safer/more relevant skills.

Vague Triggers

Medium
Confidence: 92%
Finding
The description-quality guidance mandates trigger phrases but omits safeguards against vague phrases that commonly appear in unrelated conversations. Because this file is guidance for publishing skills, the omission can propagate unsafe activation patterns across many downstream skills rather than being limited to a single isolated description.

Vague Triggers

Medium
Confidence: 88%
Finding
The rewrite formula and examples teach authors to optimize for trigger-based activation density without clarifying trigger limits, exclusion criteria, or ambiguity handling. That guidance can lead authors to overfit descriptions for activation, increasing accidental invocation frequency and exposing users to irrelevant or conflicting instructions.

Ssd 2

High
Confidence: 99%
Finding
The instruction to avoid VirusTotal-flagged terms by replacing them with softer synonyms is guidance for evading security scanning rather than improving safety. Even without executable code, this normalizes concealment of risky behavior and could help authors disguise skills that perform distribution, upload, or external-delivery functions.

Ssd 2

Medium
Confidence: 90%
Finding
This section explicitly advises authors to replace terms that trigger security scanning with safer-sounding alternatives, framed as 'VirusTotal compliance.' Even if the stated goal is reducing false positives, the practical effect is to teach scanner evasion by changing wording around behaviors associated with exfiltration, public exposure, floating dependencies, or arbitrary execution, which can help risky skills appear innocuous to automated review.

VirusTotal

66/66 vendors flagged this skill as clean.
