Bytesagain Privacy Policy

Security checks across malware telemetry and agentic risk

Overview

The skill has a legitimate privacy-policy generator, but it also includes an unrelated security-tool script that silently logs command arguments locally.

Review this skill before installing, especially scripts/script.sh. The privacy-policy template script should be treated as a drafting aid requiring legal and operational review, not proof of GDPR/CCPA compliance. Avoid passing sensitive company details, secrets, customer data, or policy text into the security-tool commands unless the unrelated script is removed or its local logging behavior is disabled and disclosed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (8)

Description-Behavior Mismatch

High (97% confidence)

The script materially contradicts the declared skill purpose: instead of generating privacy policies or auditing consent/data practices, it exposes a generic security-tool CLI with scanning, hardening, hashing, and password features. This kind of capability mismatch is dangerous because it can mislead users and reviewers about what the skill actually does, and it increases the chance of hidden or unauthorized functionality being shipped under a trusted privacy/compliance label.

Context-Inappropriate Capability

Medium (91% confidence)

A password generator is unrelated to privacy-policy drafting and expands the skill's operational scope beyond its declared compliance function. In this context, unexplained credential-related functionality is suspicious because it normalizes hidden extra capabilities and could be abused to mask broader off-purpose behavior in a skill that users would trust for legal/compliance work.

Context-Inappropriate Capability

Medium (89% confidence)

The hashing utility is not justified by the stated purpose of generating privacy policies or checking privacy compliance, and it broadens the skill beyond what users are led to expect. Capability drift like this is risky in an agent skill because unrelated primitives can be combined for unreviewed workflows and make a mislabeled package harder to trust.

Intent-Code Divergence

High (98% confidence)

The inline description and help text repeatedly present the script as a "security scanning and hardening tool," directly conflicting with the skill metadata claiming privacy-policy generation and GDPR/CCPA assistance. This mismatch makes the skill more dangerous because the surrounding context encourages trust from privacy/compliance users while the implementation advertises an entirely different operational role.

Vague Triggers

Medium (72% confidence)

The description is broad enough to match many ordinary privacy, consent, and compliance conversations, increasing the chance the skill is auto-invoked outside the user's intent. In a compliance context, unintended activation can expose sensitive business or legal details to the skill flow and lead to inappropriate drafting or analysis being performed without clear user choice.

Vague Triggers

Medium (88% confidence)

Generic command names like `generate`, `audit`, `app`, and `website` are highly collision-prone and may be invoked unintentionally in unrelated conversations or alongside other skills. Because this skill deals with privacy/compliance workflows, accidental activation could cause sensitive organizational data, policy text, or compliance discussions to be routed into the wrong tool context.

Missing User Warnings

Medium (95% confidence)

The logging helper writes command arguments verbatim to a persistent history file, and those arguments may contain sensitive data such as audit targets, identifiers, policy text, or other user-supplied compliance information. In a privacy-related skill, undisclosed retention of user inputs is especially problematic because it can create local data exposure and violate user expectations around handling sensitive compliance content.

Missing User Warnings

Low (83% confidence)

The script creates a local data directory and stores logs persistently without clearly informing the user, which creates hidden retention of potentially sensitive interaction data. While lower severity by itself, this is more concerning in a privacy/compliance-branded skill because users may reasonably expect careful disclosure and minimization of stored data.

VirusTotal

64/64 vendors flagged this skill as clean.
