Security audit

brainstorming

Security checks across malware telemetry and agentic risk

Overview

This is a plain Markdown brainstorming workflow with no executable code, though it can lead the agent to inspect project context and create a committed design document.

Install this if you want structured design planning. Before use, tell the agent whether it may inspect the repository, write a docs/plans design file, or create a git commit; ask it to keep the design in chat if you do not want repository changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch
Severity: Medium
Confidence: 97%
Finding:
The skill is presented as a brainstorming and design aid, but it also instructs the agent to write files and commit to git. That expands the skill from advisory behavior into repository-modifying behavior without clearly scoping user consent, creating a risk of unintended persistent changes during what users may believe is a planning-only phase.

Vague Triggers
Severity: Medium
Confidence: 90%
Finding:
The instruction that the skill 'MUST' be used before any creative work is overly broad and can force unnecessary invocation across many unrelated tasks. This creates an unsafe control surface because a widely auto-triggered skill with side effects or workflow constraints can steer agent behavior, collect context, and potentially cause unwanted actions far beyond a narrow design-assistance use case.

Missing User Warnings
Severity: Medium
Confidence: 98%
Finding:
The skill instructs the agent to write a design document and commit it to git, but the user-facing description does not warn that using the skill may modify the repository. Hidden persistence actions are dangerous because they can create unauthorized files and commits, surprising users and altering project state under the guise of a conversational planning tool.

VirusTotal

64/64 vendors flagged this skill as clean.