ClawHub

Token Saver 75+

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it asks your agent to always route work and full context to other model agents without enough boundaries.

Install only if you intentionally want persistent token-compression and model-routing behavior. Before using it on sensitive work, add local rules requiring confirmation before sessions_spawn, sharing only the minimum necessary context, limiting spawned-agent tools, and checking model/provider cost and privacy implications.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
87% confidence
Finding
Describing the skill as "always-on" and applying it to "every request" creates an unbounded behavioral override that can silently affect unrelated tasks, including safety-sensitive or detail-heavy requests. In agent systems, broad activation conditions are risky because they increase the chance of unintended instruction precedence, degraded responses, or suppression of necessary detail without explicit user consent.

Vague Triggers

Medium
Confidence
85% confidence
Finding
Stating that no special command is needed and the skill is always active removes clear user or developer control over when the behavior should apply. That makes accidental invocation likely and can cause persistent compression, altered tool behavior, or context pruning in situations where completeness and transparency are required.

Vague Triggers

Medium
Confidence
80% confidence
Finding
Broad natural-language triggers like "Be dense" or "No fluff" overlap with ordinary user phrasing, so the skill may activate unintentionally during normal conversation. In an always-on optimization skill, that ambiguity can lead to silent behavioral changes, including over-compression or reduced explanation quality, without meaningful user awareness.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill is explicitly designed as an always-on routing and compression layer that silently classifies every message and can mandate spawning additional sessions for broad categories of requests. This creates a real risk of unintended invocation, causing unexpected model delegation, higher exposure of user context to extra agents/models, and altered behavior even when the user did not request this skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal