Slopbuster

Security checks across malware telemetry and agentic risk

Overview

This is a local text-rewriting skill whose main risk is that optional setup instructions can make its writing style rules persist across future agent output.

Use this for on-demand cleanup when you want its style changes. Be careful before adding its rules to global agent configuration, because that can change all future replies, comments, and commit messages; keep it project-scoped if possible and review any file edits before accepting them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly supports rewriting content and indicates files may be saved (for example, via output like "FILE SAVED") while the metadata grants Write and Edit permissions, but it does not clearly warn users that it can modify existing files or create rewritten outputs. This creates a transparency and consent problem: users may invoke the skill expecting analysis or suggestions, yet the skill may overwrite or generate files without an explicit confirmation step.

Natural-Language Policy Violations

Medium
Confidence: 93%
Finding
The guide explicitly tells users to make slopbuster rules apply to ALL agent output all the time, including chat explanations and other user-facing text. That creates a persistent behavior override that can conflict with user instructions, preferred wording, tone, or locale, and can silently rewrite outputs in ways the user did not request.

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The Codex CLI section instructs users to install persistent writing constraints for all text output, with no opt-in boundary or priority rule for user requests. This can cause the agent to systematically ignore legitimate user preferences for phrasing, register, or non-English output in favor of the skill's rewrite policy.

Natural-Language Policy Violations

Medium
Confidence: 91%
Finding
The Cursor and other agent configuration examples impose mandatory wording restrictions on any text the agent writes, again without user consent or an override path. Because these are placed in persistent instruction files, they can bias future sessions and outputs broadly, making the behavior sticky and hard for users to notice or reverse.

VirusTotal

66/66 vendors flagged this skill as clean.
