coding-as-dressing

Security checks across malware telemetry and agentic risk

Overview

This is a simple teaching skill that explains code with clothing analogies and does not request access to files, commands, accounts, or background execution.

Safe to install if you want beginner code explanations using clothing metaphors. Be aware it may activate on ordinary simple code-explanation prompts and tends toward Chinese output; users who want tighter behavior should prefer a version that triggers only on explicit clothing/outfit analogy requests and follows the user's language.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger conditions are broad enough to activate on generic requests like 'what does this code do' or 'explain simply', which can cause the skill to intercept normal coding-help flows unexpectedly. While not directly enabling code execution or data exfiltration, this is a security-relevant routing weakness because an overly broad skill can override user intent, reduce response quality, and create opportunities for prompt-scope confusion across unrelated requests.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
The skill content strongly constrains output to Chinese without checking the user's language preference, which can cause unintended behavior when invoked in other language contexts. This is primarily a policy and UX safety issue rather than a direct exploit path, but forced language can degrade clarity, hide misunderstandings, and make the agent less predictable when handling mixed-language requests.

VirusTotal

66/66 vendors flagged this skill as clean.
