AI朝廷三省六部

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed multi-agent planning and review workflow with an optional local file generator, not a hidden or destructive skill.

Install this if you want a structured planning, review, and execution workflow. Be aware that generic terms like collaboration, review, or progress report may activate it more often than expected, and only run the quick-start helper when you want local markdown records created. Avoid putting secrets or sensitive business details into those records unless you intend to keep them locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium, confidence 93%
Finding:
The trigger conditions are broad enough to activate the skill for generic requests involving collaboration, review, or role-play, which can cause unintended routing and prompt hijacking of unrelated tasks. In a multi-agent orchestration skill, overbroad activation is risky because it may inject this workflow into contexts the user did not request, altering behavior, outputs, or safety posture.

Missing User Warnings

Severity: Medium, confidence 89%
Finding:
The skill instructs generation of local workflow records and retained files without clearly warning the user that files will be created and persisted. This can expose sensitive task details, plans, or audit content to unintended local storage, especially when tasks contain confidential business, security, or personal information.
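The check a practitioner would want before a skill like this persists anything locally: announce the exact path, refuse paths that escape the records directory, and refuse content that looks like it carries credentials. The following is an added illustration, not code from the AI朝廷三省六部 skill; the records directory name `.court-records` and the secret patterns are assumptions for the example.

```python
"""Guard for a skill that persists local workflow records.

Added illustration (not code from the AI朝廷三省六部 skill): before a record is
written, compute where it would land, refuse paths outside the records
directory, and refuse content that looks like it contains secrets.
"""
import re
from pathlib import Path

# Hypothetical records directory; the skill's real layout is not shown on the page.
RECORDS_DIR = ".court-records"

# Minimal secret heuristics (assumed for the example, not the scanner's own rules).
SECRET_PATTERNS = [
    ("aws_access_key_id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("private_key_block", re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
    ("credential_assignment",
     re.compile(r"(?i)\b(?:password|passwd|secret|api[_-]?key|token)\s*[:=]\s*\S+")),
]

# Constructed sample record (not real data): a plan that leaked credentials into it.
SAMPLE_PLAN = (
    "Task: migrate billing service\n"
    "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
    "db password: hunter2\n"
)


def scan_for_secrets(text):
    """Names of the secret patterns that match, in pattern order."""
    return [name for name, rx in SECRET_PATTERNS if rx.search(text)]


def plan_record_write(project_root, record_name, content, confirmed=False):
    """Decide whether a record may be written; never touches the disk."""
    root = Path(project_root).resolve() / RECORDS_DIR
    target = (root / record_name).resolve()
    reasons = []
    if root not in target.parents:  # catches "../x", absolute names and target == root
        reasons.append("path escapes the records directory")
    findings = scan_for_secrets(content)
    if findings:
        reasons.append("content looks like it contains secrets: " + ", ".join(findings))
    if not confirmed:
        reasons.append("user has not confirmed that a local file may be created")
    return {
        "path": str(target),
        "secret_findings": findings,
        "allowed": not reasons,
        "reasons": reasons,
    }


def write_record(project_root, record_name, content, confirmed=False):
    """Write only when the plan allows it; returns the plan either way."""
    plan = plan_record_write(project_root, record_name, content, confirmed)
    if plan["allowed"]:
        path = Path(plan["path"])
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(content, encoding="utf-8")
    return plan


if __name__ == "__main__":
    for name, body in [("plan.md", SAMPLE_PLAN), ("../outside.md", "hello")]:
        plan = plan_record_write("./proj", name, body, confirmed=True)
        print(name, "allowed" if plan["allowed"] else "refused: " + "; ".join(plan["reasons"]))
```

The point of separating `plan_record_write` from `write_record` is that the announcement the finding asks for (which file, where, and why it is refused) can be shown to the user before anything is persisted, and the user's confirmation is a required input rather than an implied default.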

Vague Triggers

Severity: Medium, confidence 95%
Finding:
The quick-command section defines very generic natural-language triggers such as '分析任务' (analyze task), '通过审核' (pass review), and '汇报进度' (report progress) that can overlap with ordinary user conversation. In an agent skill that activates role-based workflow behavior, this creates a prompt/intent confusion risk where normal text may unintentionally trigger drafting, approval, or execution paths, leading to unauthorized or unintended multi-agent actions.
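How the overlap plays out in practice, for both Vague Triggers findings: the snippet below is an added illustration, not code from the AI朝廷三省六部 skill. It contrasts the loose keyword activation the findings describe with an explicit-invocation rule, and counts how many ordinary chat messages the loose rule would route into the workflow. The `/court` command prefix and the sample messages are assumptions constructed for the example.

```python
"""Trigger-scope check for a natural-language agent skill.

Added illustration (not code from the AI朝廷三省六部 skill): the loose rule is
the activation pattern the findings warn about; the strict rule is a
hypothetical explicit form that only fires on a prefixed command.
"""
import re

# Generic triggers quoted in the findings, plus the English terms from the overview.
LOOSE_TRIGGERS = ["分析任务", "通过审核", "汇报进度", "collaboration", "review"]

# Hypothetical explicit form: a command prefix plus one of the named actions.
# "/court" is an assumption for this example, not the skill's real syntax.
EXPLICIT_RE = re.compile(r"^/court\s+(分析任务|通过审核|汇报进度)(\s|$)")

# Constructed sample conversation (not user data): ordinary chat that happens to
# contain the trigger words, plus one deliberate invocation.
SAMPLE_MESSAGES = [
    "Can you review my PR description for typos?",
    "我昨天通过审核了驾照考试",  # "I passed the driving-licence review yesterday"
    "/court 分析任务 migrate the billing service to Postgres",
    "What's the weather like in Shenzhen?",
    "The paper is about collaboration in open-source projects",
]


def loose_match(message):
    """Activation rule the findings warn about: any trigger word, anywhere."""
    text = message.lower()
    return any(t.lower() in text for t in LOOSE_TRIGGERS)


def strict_match(message):
    """Activation only on an explicit, prefixed command at the start of the message."""
    return EXPLICIT_RE.match(message.strip()) is not None


def unintended_activations(messages):
    """Messages the loose rule routes into the workflow that the user never invoked."""
    return [m for m in messages if loose_match(m) and not strict_match(m)]


def activation_summary(messages):
    """Counts for a quick comparison of the two rules over a conversation."""
    return {
        "loose": sum(loose_match(m) for m in messages),
        "strict": sum(strict_match(m) for m in messages),
        "unintended": len(unintended_activations(messages)),
    }


if __name__ == "__main__":
    print(activation_summary(SAMPLE_MESSAGES))
    for m in unintended_activations(SAMPLE_MESSAGES):
        print("would hijack:", m)
```

On the constructed conversation the loose rule fires on four of five messages, the strict rule on one, so three ordinary messages would be pulled into the planning, approval, or progress-report paths without the user asking for them. The same measurement can be run over a real chat history to size the problem before deciding whether the triggers need a prefix or a narrower phrase set.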

VirusTotal

65/65 vendors rated this skill clean. A clean antivirus verdict covers the packaged files only; it does not evaluate prompt-level issues such as the trigger and disclosure findings above.
