ClawHub

M.A.D. SEO CONTENT

Security checks across malware telemetry and agentic risk

Overview

This SEO skill appears purpose-aligned, but it persistently stores WordPress publishing credentials in a local shared folder and has broad triggers that could activate it outside a clearly SEO-specific request.

Install only if you are comfortable with this skill storing a WordPress application password under the local shared M.A.D. SEO folder. Use a dedicated low-privilege WordPress account, revoke or rotate the application password after use, restrict access to the shared workspace, and review the dependent skills and any recommended WordPress plugin before connecting a production site.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly states that WordPress application passwords are stored locally in PROJECT_STRATEGY.json, but it does not provide strong warnings about secret persistence, file-level protection requirements, rotation, or the risk that other local skills or users may access the protected path. In this context, these credentials can enable authenticated access to the user's WordPress site, so unclear secret-handling guidance materially increases the chance of credential exposure and downstream site compromise.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger list includes generic phrases such as "Plan my strategy," "Draft an article," and "Generate schema," which are broad enough to match common user requests outside a clearly bounded SEO workflow. This can cause the skill to activate unexpectedly, giving it access to its file permissions and dependent capabilities in contexts the user did not intend, increasing the risk of overreach or unintended data handling.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal