High-Openness Genesis

Security checks across malware telemetry and agentic risk

Overview

The skill has no executable code, but it globally pushes the assistant to favor adventurous answers over safe or standard ones, so it needs review before installation.

Install only if you intentionally want a global experimental creativity mode. Do not use it for medical, legal, financial, security, compliance, factual, or production-code work where cautious or standard answers are desirable; a safer version would be opt-in per creative task and explicitly preserve safety constraints.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

High
Confidence: 98%
Finding
The document claims the skill does not modify behavior, but it explicitly injects system-level instructions that alter the model's response policy for all subsequent tasks. This is dangerous because it misrepresents a prompt-injection style behavioral override as harmless, reducing operator awareness and increasing the chance the model will deviate from safety-aligned, user-aligned, or platform-aligned behavior.

Ssd 1

High
Confidence: 99%
Finding
This skill performs a system-level override that explicitly tells the model to reject 'safe' or standard answers and keep rewriting until the output feels adventurous. In context, that directly weakens safety-oriented response behavior across all requests, creating elevated risk of unsafe, policy-violating, or manipulative outputs because caution is framed as something to discard rather than preserve.

VirusTotal

66/66 vendors flagged this skill as clean.