Product Validation Planner

Security checks across malware telemetry and agentic risk

Overview

This is a text-only product-planning skill with overly broad activation wording, but there is no evidence of hidden, privileged, destructive, or data-exfiltrating behavior.

Before installing, note that this skill may activate more often than expected because its trigger words are broad. It appears safe from a security perspective, but users who want precise routing should narrow the triggers or disable implicit invocation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

High
Confidence: 98%
Finding
The trigger keyword list is excessively broad and includes generic terms such as "ask," "product," "very," "high," and "ready," which are likely to appear in ordinary user conversations. This creates a real risk of accidental skill activation, causing the agent to route unrelated requests into this skill and potentially produce irrelevant or unsafe task handling in contexts where the skill is not appropriate.

Vague Triggers

High
Confidence: 95%
Finding
The manifest description defines activation in terms that are too open-ended, including broad categories like "creative-and-content," "ask," and any request needing a workflow, checklist, analysis, or implementation support. These criteria overlap with a wide range of unrelated tasks, increasing the chance that the skill activates outside its intended scope and hijacks routing from more appropriate skills or default handling.

Vague Triggers

Medium
Confidence: 92%
Finding
The example trigger sentences are generic and do not establish a sufficiently specific boundary for when the skill should be invoked. Because they model broad natural-language phrasing rather than unique invocation patterns, they reinforce accidental activation risk and make it harder for the router to distinguish this skill from many other assistance-oriented skills.

Vague Triggers

Medium
Confidence: 92%
Finding
The default prompt is extremely generic ('help me Help for a Product') and maps to a broad class of user requests, which increases the chance the skill is invoked in contexts the user did not explicitly intend. Broad invocation phrases can cause prompt-routing confusion, accidental disclosure of user context to the skill, or inappropriate automation on unrelated requests.

Vague Triggers

Medium
Confidence: 95%
Finding
Enabling implicit invocation without strong trigger constraints allows the system to auto-select this skill based on vague matches, increasing the risk of over-broad activation. In practice, this can cause the skill to process unrelated user conversations, leading to unintended prompt injection surface expansion, context leakage, or user confusion about why the skill was engaged.

Vague Triggers

Medium
Confidence: 96%
Finding
The trigger criteria are very broad and ambiguous, using generic keywords like 'ask', 'product', 'very', 'high', 'quality', and 'ready', which can cause the skill to activate for many unrelated requests. Over-broad activation boundaries increase the chance of misrouting user requests, unintended invocation, and interference with more appropriate skills, reducing reliability and potentially exposing users to irrelevant or incorrect workflows.

VirusTotal

64/64 vendors flagged this skill as clean.
