Product Validation Planner

Security checks across malware telemetry and agentic risk

Overview

This is a product-planning skill with broad routing language, but it does not contain hidden execution, credential use, persistence, or data-exfiltration behavior.

Installers should know this skill may be invoked automatically for broad product or startup-related requests. It appears safe as an advisory planning aid, but users who want tighter control should invoke it explicitly or prefer a version with narrower trigger wording.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers

Medium
Confidence: 91%
Finding:
The trigger sentence is so broad and awkwardly templated that it can match ordinary user requests about help or practical workflows, causing unintended activation of the skill. Over-broad activation increases the chance that the agent applies business-validation instructions in contexts the user did not explicitly intend, which can lead to prompt-routing confusion and unsafe or irrelevant tool behavior.

Vague Triggers

Medium
Confidence: 93%
Finding:
This activation pattern is ambiguous because it uses generic phrasing that lacks clear boundaries on when the skill should engage. In an agent system, ambiguous triggers can cause accidental skill selection, override more appropriate skills, or let adversarial users steer execution by crafting commonplace requests that unintentionally match.

Vague Triggers

Medium
Confidence: 93%
Finding:
The trigger phrases are broad, natural-language prompts such as 'Help me' and 'I need a practical workflow', which can match ordinary user requests unrelated to explicit skill invocation. This increases the chance of unintended activation, causing the agent to apply this skill in contexts the user did not clearly request, which can lead to misrouting, confusion, or inappropriate workflow injection.

Vague Triggers

Medium
Confidence: 91%
Finding:
The trigger keywords are broad and generic, including terms like 'product idea', 'validation', 'prototype', 'saas', and 'startup'. This can cause the skill to activate during ordinary product discussions where the user did not explicitly request this workflow, increasing the chance of inappropriate routing, context capture, or response hijacking by the skill.

Vague Triggers

Medium
Confidence: 88%
Finding:
The description defines applicability in very broad terms, covering multiple domains and loosely related tasks without clear exclusion criteria. In a dispatcher or agent-routing environment, this ambiguity can lead to over-selection of the skill, producing unintended behavior or suppressing better-matched skills.

Vague Triggers

Medium
Confidence: 90%
Finding:
The default prompt uses broad, natural language phrasing around common product-idea tasks, which can cause the skill to be selected for a wide range of ordinary product discussions rather than only explicit validation-planning requests. Overbroad routing increases the chance of unintended invocation, causing context leakage into the skill and reducing user control over when this agent is engaged.

Vague Triggers

Medium
Confidence: 96%
Finding:
Enabling implicit invocation without tight trigger constraints allows the platform to auto-route user requests to this skill even when the user did not clearly ask for product-validation planning. This can lead to inappropriate activation, unnecessary exposure of user context, and unintended influence over conversations about product strategy or ideation.

Vague Triggers

High
Confidence: 96%
Finding:
The trigger sentences are highly generic and can match broad user requests unrelated to this specific skill, which increases the chance of unintended or excessive activation. In an agent ecosystem, overbroad routing can cause the wrong skill to engage, leading to irrelevant actions, prompt-scope confusion, or downstream misuse if later steps assume the skill was intentionally invoked.

VirusTotal

63/63 vendors flagged this skill as clean.
