ClawHub

Ai Seo

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only AI SEO guidance skill with no executable code, hidden installation behavior, credential use, or persistence.

Safe to consider for AI SEO guidance. Before installing, review any local product-marketing context files it may read, and treat robots.txt crawler recommendations as a business decision because allowing AI bots can affect how public site content is crawled, reused, or cited.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The activation text is very broad and includes many overlapping SEO and content-marketing phrases, which can cause this skill to trigger for general SEO or content requests that would be better handled by narrower skills. Misrouting is a security and safety concern because it can bypass more appropriate task boundaries, produce irrelevant guidance, and increase the chance that the agent reads optional local context files unnecessarily for unrelated requests.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The evaluation explicitly rewards the skill for triggering on vague, casual phrasing ('we noticed our competitors are showing up... what do we need to change?') without requiring stronger disambiguation or routing checks. This can cause the agent to over-activate the ai-seo skill on loosely related SEO or marketing requests, leading to misrouting, overbroad advice, and reduced reliability in security-sensitive or high-impact workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal