Roundtable by JZ

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only roundtable decision aid with broad activation wording but no evidence of hidden code, data access, persistence, or harmful behavior.

Install this if you want decision requests structured as a simulated expert roundtable. Be aware it may activate on broad decision-making language, so invoke it explicitly for topics where you want that format and treat its output as advisory rather than expert, legal, financial, or safety-critical advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 87%
Finding
The trigger phrase "I need multiple perspectives on [decision]" is broad and resembles ordinary conversational language, so the skill may activate when the user is not intentionally invoking it. In this skill, that matters because it changes the assistant's behavior into a multi-role simulation in the main session, which can unexpectedly alter outputs, increase prompt surface area, and interfere with normal instruction handling.

Vague Triggers

Medium
Confidence: 91%
Finding
The skill advertises use not only on explicit trigger phrases but also whenever the model judges that a decision would benefit from multiple viewpoints. That broad activation condition can cause the skill to activate implicitly, overriding normal routing expectations and increasing the chance it is invoked in sensitive contexts without clear user intent.

Natural-Language Policy Violations

High
Confidence: 95%
Finding
The skill includes mandatory Chinese-language operational instructions and prescribes execution behavior without user opt-in. Forcing a language or execution mode can misalign with user expectations, obscure safety-relevant content, and create prompt-routing behavior that bypasses safer isolation patterns in contexts where subagents or explicit consent would be preferable.

VirusTotal

64/64 vendors flagged this skill as clean.
