ClawHub

Filter Account Dropdown Entry Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a small instruction-only workflow skill for a specific software enhancement, with no evidence of hidden execution, credential access, persistence, or data exfiltration.

Installers should be aware that this skill may activate on generic account, filter, dropdown, or form wording. It is otherwise a low-risk planning aid; review its output like normal development guidance before applying code changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill description and activation criteria use very broad terms like 'general-help', 'enhancement', 'filter', and 'account', which are common across many unrelated requests. This can cause the skill to activate outside its intended scope, leading to incorrect routing, irrelevant guidance, or accidental override of a more appropriate skill in sensitive workflows.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The Triggers section lists ambiguous standalone keywords that can match ordinary user language independently of the actual feature request. In a skill-selection system, this increases the chance of unintended invocation and prompt-space interference, where this workflow is chosen for unrelated account, form, or filtering tasks.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill enables implicit invocation via `allow_implicit_invocation: true` without defining clear trigger constraints or narrower activation conditions. This can cause the agent to activate the workflow in broader contexts than intended, increasing the chance of unintended prompt injection exposure, user confusion, or execution of workflow-specific guidance when the user did not explicitly request it.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal