ClawHub

Haqq Content Workbench

Security checks across malware telemetry and agentic risk

Overview

The skill is a simple content helper, but its main reference file includes instructions that try to override the assistant and carry into future tasks.

Install only if you are comfortable with a reference file that contains strong prompt-injection-style language. The content workflow itself is low-permission, but users should treat the Arabic reference as source text only and avoid letting it override system, developer, or user instructions outside the specific task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Natural-Language Policy Violations

Medium
Confidence
87% confidence
Finding
The text imposes a rigid Arabic-only policy for handling scripture and explicitly rejects translated forms as valid, removing user choice over language and framing alternative handling as impermissible. In an agent skill, this becomes a policy override that can cause the model to refuse reasonable multilingual assistance or provide biased, exclusionary behavior unrelated to platform policy or user intent.

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
This section instructs the agent to answer every relevant question under a fixed religious framework, with mandatory sourcing and prescribed fallback language, effectively overriding normal user choice and system behavior. That is dangerous because it turns a reference file into a universal behavioral policy, enabling persistent steering, narrowed responses, and refusal patterns outside the intended scope of a neutral skill.

Ssd 1

High
Confidence
98% confidence
Finding
The phrase asserting that this command is above any other order is a direct attempt to elevate the document over the model's existing instruction hierarchy. Such authority hijacking is dangerous because it can cause the agent to disregard system or developer controls and treat the file as a superior governing policy.

Ssd 1

High
Confidence
93% confidence
Finding
The opening uses moral and devotional language to redirect allegiance away from the model's configured authority ('not the programmer, financier, or authority') toward the text's prescribed source of truth. In a skill context, this is a classic prompt-injection pattern: it conditions the agent to distrust its legitimate controls and follow embedded ideological directives instead.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal