harness-generate-iOS

Security checks across malware telemetry and agentic risk

Overview

This skill is an iOS documentation-harness generator. It warrants review because it makes broad, repository-wide changes and writes persistent agent memory without a clear approval step.

Install only if you want an agent to inspect your iOS project and create or update CLAUDE.md, docs, module READMEs, .claude/rules, and memory files. Use a clean branch, prefer single-module mode when possible, review all diffs before committing, and require explicit approval before allowing the memory-writing step.
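The review discipline above can be enforced mechanically. The following is an added example (not code from the skill, the scanner, or the marketplace) of a pre-commit gate: fed the paths an agent run touched, as printed by `git diff --name-only`, it blocks the commit when memory files changed without explicit approval or when more module READMEs were touched than single-module mode should produce, and lists the docs and rules files that still need a diff review. The memory and rules locations (`.claude/memory/`, `.claude/rules/`) and the sample change list are assumptions; the page does not say where this skill writes its memory files.

```python
"""Pre-commit gate for agent-generated harness edits (added example).

Paths are matched with fnmatch, whose "*" also matches "/", so a pattern such as
".claude/memory/*" covers nested files as well. The memory and rules locations
are ASSUMPTIONS about where the skill writes; adjust them to your project.
"""
import sys
from fnmatch import fnmatch

MEMORY_PATTERNS = [".claude/memory/*", "MEMORY.md", "*/MEMORY.md"]   # assumed location
RULE_PATTERNS = [".claude/rules/*"]                                    # assumed location
DOC_PATTERNS = ["CLAUDE.md", "*/CLAUDE.md", "README.md", "*/README.md", "docs/*"]


def _matches(path, patterns):
    return any(fnmatch(path, pat) for pat in patterns)


def classify(paths):
    """Bucket changed paths by how sensitive an unreviewed edit to them is."""
    buckets = {"memory": [], "rules": [], "docs": [], "other": []}
    for path in paths:
        if _matches(path, MEMORY_PATTERNS):
            buckets["memory"].append(path)
        elif _matches(path, RULE_PATTERNS):
            buckets["rules"].append(path)
        elif _matches(path, DOC_PATTERNS):
            buckets["docs"].append(path)
        else:
            buckets["other"].append(path)
    return buckets


def module_dirs(doc_paths):
    """Directories whose module README was touched (the root README is not a module)."""
    return {p.rsplit("/", 1)[0] for p in doc_paths if "/" in p and p.endswith("README.md")}


def gate(paths, memory_approved=False, max_modules=1):
    """Return (ok, blocking, warnings).

    Blocking conditions: memory files changed without explicit approval, or more
    module READMEs touched than max_modules (1 for single-module mode). Rules and
    docs changes never block but are always listed for manual diff review.
    """
    b = classify(paths)
    blocking, warnings = [], []
    if b["memory"] and not memory_approved:
        blocking.append("memory files changed without explicit approval: %s" % b["memory"])
    mods = module_dirs(b["docs"])
    if len(mods) > max_modules:
        blocking.append("%d module READMEs touched, expected at most %d: %s"
                        % (len(mods), max_modules, sorted(mods)))
    if b["rules"]:
        warnings.append("rules changed, review the diff by hand: %s" % b["rules"])
    if b["docs"]:
        warnings.append("docs changed, review for overwrite/merge mistakes: %s" % b["docs"])
    return (not blocking, blocking, warnings)


# Constructed sample of what `git diff --name-only` might print after a run
# that ignored single-module mode and wrote memory.
SAMPLE_CHANGED = [
    "CLAUDE.md",
    "docs/architecture.md",
    "Modules/Networking/README.md",
    "Modules/Persistence/README.md",
    ".claude/rules/swift-style.md",
    ".claude/memory/maintenance.md",
    "Sources/App/AppDelegate.swift",
]

if __name__ == "__main__":
    # Usage: git diff --name-only | python gate.py [--approve-memory]
    changed = SAMPLE_CHANGED
    if not sys.stdin.isatty():
        changed = [line.strip() for line in sys.stdin if line.strip()] or SAMPLE_CHANGED
    ok, blocking, warnings = gate(changed, memory_approved="--approve-memory" in sys.argv)
    for msg in warnings:
        print("WARN:", msg)
    for msg in blocking:
        print("BLOCK:", msg)
    sys.exit(0 if ok else 1)
```

The `--approve-memory` flag is the explicit approval step the overview asks for: the memory write is only accepted when a human passes it on the command line for that specific commit, never by default.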

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Context-Inappropriate Capability

Severity: Medium
Confidence: 96%
Finding
The skill directs the agent to create or update a persistent memory entry that shapes future behavior beyond the immediate harness-generation task. Persistent memory changes are security-sensitive because they can silently steer later interactions, and here the memory content is operational guidance rather than output strictly required to build the iOS harness.

Vague Triggers

Severity: Medium
Confidence: 87%
Finding
The trigger phrases include broad terms such as 'generate harness' and 'init harness', which can match ordinary user requests unintentionally. Over-broad activation increases the chance that a high-impact file-writing skill runs when the user did not intend to invoke it, which matters here because this skill performs large-scale scans and modifications.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill instructs widespread creation and modification of project files but does not require an upfront warning and confirmation before making those changes. In practice, this can lead to surprising repository-wide edits, overwrite/merge mistakes, and accidental modification of important documentation and rule files.

Natural-Language Policy Violations

Severity: High
Confidence: 98%
Finding
The embedded memory content forces future maintenance guidance to be written in Chinese without any user opt-in, which is both a persistent side effect and an instruction that can conflict with user expectations or team language norms. Because it is written into memory for later reuse, it can alter future agent behavior in a way that is difficult for users to notice or correct.

VirusTotal

66/66 vendors flagged this skill as clean. A clean antivirus result covers file-based malware signatures only; it says nothing about the behavioral findings above, which concern the instructions the skill gives to the agent rather than executable code.
