Haqq Workbench

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed workflow orchestrator, but it can route broad requests into publishing, messaging, memory, and skill-publishing workflows without clear confirmation controls.

Review before installing. This skill should only be used if you want a master router for Haqq workflows. Require explicit user confirmation before anything is published, sent, saved to memory, or uploaded to ClawHub, and treat the current trigger map as advisory rather than automatic execution policy. VirusTotal and static scan were clean; the Review verdict is based on under-scoped high-impact orchestration, not malware evidence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 96%
Finding
The trigger conditions are extremely broad, including phrases like 'any Islamic/ethical content' and 'any task requiring multiple skills,' which can cause the orchestrator to activate for a wide range of normal user requests. In a master coordination skill, this increases the chance of unintended routing, overreach into unrelated tasks, and unsafe delegation to publishing or memory-related subskills without sufficiently narrow user intent.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
The skill body is entirely in Arabic without presenting a language-selection mechanism or a documented locale restriction, which can cause users or supervising systems to misunderstand the workflow and safety constraints. For a master orchestrator that coordinates verification, publishing, and memory functions, reduced comprehensibility can lead to misuse, missed review, and incorrect activation decisions.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger phrases in this range are broad enough to match common user language, which can cause unintended skill activation and misrouting of requests. In a skill-routing map, ambiguous activation criteria increase the chance that sensitive workflows such as research, ethical analysis, or content generation are invoked without clear user intent.

Vague Triggers

Medium
Confidence: 96%
Finding
Using generic triggers such as 'انشر', 'أرسل', and 'رسالة' for posting and messaging skills is dangerous because these are common verbs that can appear in harmless discussion, drafts, or quoted text. If the agent uses this map operationally, an attacker or accidental user phrasing could trigger outbound communication actions, leading to unauthorized posting, messaging, or data disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.
