Security audit

Work Productivity Agent Browser Workflow Helper

Security checks across malware telemetry and agentic risk

Overview

This is a low-impact workflow/documentation skill with overly broad activation wording, but no evidence of hidden execution, data access, persistence, or destructive behavior.

Install only if you want this helper to be available for Agent Browser-style workflow planning. Be aware it may activate on broad browser or automation phrasing, so users should explicitly name a different skill or ask for clarification when working on unrelated browser tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger sentences are broad, malformed, and overlap with generic productivity/browser-help phrasing, which increases the chance the skill is invoked when the user did not explicitly intend it. In an automation and browser-workflow context, unintended invocation can cause the agent to apply the wrong workflow, produce unsafe guidance, or steer execution toward browser/headless actions without sufficiently specific user consent.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases are broad and generic enough to match ordinary user requests about browser workflows, automation, or practical help, which can cause unintentional activation of the skill outside its intended scope. In an agent ecosystem, ambiguous activation boundaries increase the chance that this skill is invoked in the wrong context, leading to confusing behavior, unsafe workflow chaining, or unintended handling of browser-automation tasks.

Vague Triggers

High
Confidence
95% confidence
Finding
The skill description is extremely broad and matches common terms like browser, automation, and workflow support without meaningful scope limits. This can cause the skill to be invoked for unrelated requests, increasing the chance that higher-risk browser or automation behavior is applied in the wrong context or overrides more appropriate, narrower skills.

Vague Triggers

High
Confidence
97% confidence
Finding
The keyword list includes very generic terms such as browser, automation, cli, and bug fix, which are common across many benign and sensitive tasks. In an agent setting, such overbroad triggers can cause accidental routing into a skill that may guide browser automation or workflow execution in contexts involving credentials, external sites, or actions the user did not specifically intend.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The example trigger sentences are vague and effectively encourage invocation from partial, loosely related phrasing rather than clearly bounded requests. That ambiguity makes it easier for the skill to activate unexpectedly and steer the agent toward browser or automation-oriented assistance without an explicit user request for that specialized behavior.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger keyword list is overly broad and includes generic terms like "browser", "automation", and "cli", which can match many unrelated user requests and cause unintended activation of this skill. In an agent environment, this can misroute tasks, override more appropriate skills, and increase the chance that users receive irrelevant or unsafe workflow guidance in the wrong context.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The example trigger phrases use natural, everyday language that is broad enough to match ordinary requests without clear boundaries, which increases the likelihood of accidental skill invocation. Because the examples mirror generic help-seeking behavior rather than explicit scoped commands, the skill may activate in contexts where it is not the best or safest fit.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The default prompt is highly generic and includes broad terms like work-productivity, browser, automation, workflow, checklist, and analysis, which can overlap with ordinary user requests. In combination with skill-style invocation behavior, this increases the chance the agent is triggered in contexts the user did not intend, causing prompt hijacking of unrelated conversations or accidental execution of browser-oriented guidance.

Vague Triggers

Medium
Confidence
96% confidence
Finding
Enabling implicit invocation without strong trigger constraints allows the skill to activate based on ambiguous natural-language matches rather than explicit user selection. Because this skill targets common productivity and browser workflow topics, the context makes accidental invocation more likely, which can introduce unintended instructions, alter agent behavior, or broaden access to sensitive workflow contexts.

Vague Triggers

High
Confidence
90% confidence
Finding
The trigger phrases are overly broad and partially match common user language such as asking for 'a practical workflow' or 'help me', which can cause the skill to activate for unrelated requests. In an agent environment, unintended activation can route benign tasks into browser/headless automation contexts, increasing the chance of unnecessary tool use, confusing outputs, or accidental execution of higher-risk workflows.

VirusTotal

62/62 vendors flagged this skill as clean.