ClawHub

Shell Editing Workflow Helper

Security checks across malware telemetry and agentic risk

Overview

This skill does not show malware or data theft, but it can be invoked very broadly for edit, write, and shell-related work without clear safety boundaries.

Review before installing. The skill appears non-destructive and VirusTotal/static scans are clean, but it is broadly auto-invokable and under-scoped for shell and file-editing safety. Install only if you are comfortable with it influencing general edit/write/shell requests, or narrow its triggers and disable implicit invocation first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

High
Confidence
94% confidence
Finding
The skill description is broad enough to match very common request types such as feature, edit, write, shell, workflow, checklist, and analysis, which can cause the skill to activate outside its intended narrow safety-checking use case. Over-broad activation increases the chance that unrelated user tasks are routed through this skill, creating prompt-scope confusion and potentially enabling unsafe tool-guidance to be applied in contexts where stronger constraints or more specific skills should have been used.

Vague Triggers

High
Confidence
97% confidence
Finding
The trigger list includes vague single-word activators like 'feature', 'edit', 'write', 'shell', 'checked', 'existing', 'issues', and 'found', which are likely to appear in many benign conversations. This makes accidental invocation highly probable and can let the skill influence agent behavior in broad contexts, increasing the risk of misrouting, prompt collisions, or unsafe operational guidance when shell or file-editing actions are involved.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill enables implicit invocation with no documented activation constraints, so it may be auto-selected in broader contexts than intended. Because this skill is explicitly positioned to influence edit/write/shell workflows, ambiguous triggering increases the chance that it affects sensitive tool-use decisions unexpectedly or can be invoked through prompt shaping.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrase is broad enough to match common user language around 'help me' and generic workflow/support requests, which can cause this skill to activate outside its intended scope. In a security-sensitive skill that influences edit/write/shell workflows, accidental invocation can route unrelated requests through the wrong behavior, increasing the chance of inappropriate guidance or bypass of more specific safeguards.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal