Security audit

prompt-architect

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-design helper with broad activation and a Chinese-language default, but it has no code execution, data access, persistence, or hidden install behavior.

Install this if you want a structured assistant for prompt and AI-workflow design. Expect it to activate on many prompt-related requests and to answer in Chinese by default unless you ask for another language; review generated production prompts carefully before using them in customer-facing, regulated, or high-impact settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High (95% confidence)
Finding
The trigger criteria are extremely broad and include instructions to 'always use this skill' even for simple requests. This can cause unintended invocation, override more appropriate skills or base behavior, and increase the chance that user requests are routed through an unnecessary prompt-transformation workflow, which can degrade safety, correctness, and user intent matching.

Natural-Language Policy Violations

Medium (88% confidence)
Finding
The instruction to default to Chinese output unless the user switches language imposes a language choice without explicit user opt-in. This can cause confusing responses, mismatched outputs for downstream systems, and accidental disclosure or mishandling when the expected operating language is different from the user's environment.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.