ARG Action Chain Designer

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only workflow-design skill that may generate ARG planning files when asked; it does not exhibit hidden, destructive, or credential-seeking behavior.

Safe to install for ARG workflow design. Review generated target paths and any generated validation scripts before running them, especially if the resulting workflow sends messages, publishes content, deletes data, or touches production systems.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Severity: Medium
Confidence: 92%
Finding
The trigger criteria are very broad and include many common task-design and workflow terms, which can cause the skill to activate for unrelated requests. Over-broad invocation increases the chance that users are routed into an inappropriate workflow, causing mis-scoping, unintended file generation, or unsafe automation design without clear user intent.

Natural-Language Policy Violations

Severity: Medium
Confidence: 78%
Finding
The skill content is written as if Chinese is the required operating language and does not offer a user-language choice or document a hard locale requirement. This can cause misunderstanding of safety-relevant instructions, validation gates, or generated artifacts when the user or downstream environment expects another language, increasing the risk of operator error and incorrect execution.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill explicitly tells the agent to directly generate file-level deliverables when the user asks to create or write, but it does not require an explicit warning or confirmation about modifying the workspace. In an agent setting, this increases the risk of unintended filesystem changes, especially if the user request is ambiguous or the target location is not clearly bounded.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
This instruction again pushes the agent to immediately create files during generation/conversion flows without a mandatory safety step describing filesystem effects. That can cause silent writes, overwrites, or unexpected repository changes, which is especially risky in automation-oriented skills that may touch multiple files at once.
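The two "Missing User Warnings" findings above describe the same gap: the skill has the agent write files directly, with no step that bounds the target path, surfaces an overwrite, or asks for confirmation. The following is an added illustration of the check a practitioner would want in front of such writes; it is not code from the ARG Action Chain Designer skill or from SkillSpector, and the class and function names (WorkspaceWriteGuard, plan_write, commit, demo) and the sample paths are assumptions made for the example.

```python
"""Guard for agent-generated file writes: bound the target to a workspace root,
refuse silent overwrites, and require an explicit confirmation step.

Added example for the "Missing User Warnings" findings; not part of the skill
or the scanner. All names and sample paths are assumptions.
"""
from dataclasses import dataclass
from pathlib import Path
import tempfile


@dataclass(frozen=True)
class WritePlan:
    target: Path          # resolved absolute path inside the workspace root
    overwrites: bool      # True if a file already exists at target
    size: int             # bytes that would be written


class WorkspaceWriteGuard:
    def __init__(self, root):
        self.root = Path(root).resolve()

    def plan_write(self, relative_target, content):
        """Validate a requested write without performing it.

        Raises ValueError if the path escapes the root (via '..', an absolute
        path, or a symlink that resolves outside it). Returns a WritePlan that
        the caller shows to the user before calling commit().
        """
        raw = Path(relative_target)
        if raw.is_absolute():
            raise ValueError(f"absolute target not allowed: {relative_target}")
        target = (self.root / raw).resolve()
        # resolve() follows symlinks, so a link inside the tree that points
        # outside it is rejected here as well.
        try:
            target.relative_to(self.root)
        except ValueError:
            raise ValueError(f"target escapes workspace root: {relative_target}") from None
        return WritePlan(target=target, overwrites=target.exists(),
                         size=len(content.encode("utf-8")))

    def commit(self, plan, content, *, confirmed, allow_overwrite=False):
        """Perform the write only after the user has seen and confirmed the plan."""
        if not confirmed:
            raise PermissionError("write not confirmed by user")
        if plan.overwrites and not allow_overwrite:
            raise FileExistsError(f"refusing to overwrite {plan.target} without allow_overwrite")
        plan.target.parent.mkdir(parents=True, exist_ok=True)
        plan.target.write_text(content, encoding="utf-8")
        return plan.target


def demo():
    """Constructed scenario in a temporary workspace: one in-bounds write,
    one path-traversal attempt, one unconfirmed overwrite. Returns the outcomes."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        guard = WorkspaceWriteGuard(tmp)
        plan = guard.plan_write("arg/chain-01.md", "# chain\n")
        results["first_overwrites"] = plan.overwrites
        guard.commit(plan, "# chain\n", confirmed=True)
        try:
            guard.plan_write("../outside.md", "x")
            results["traversal_blocked"] = False
        except ValueError:
            results["traversal_blocked"] = True
        plan2 = guard.plan_write("arg/chain-01.md", "# new\n")
        results["second_overwrites"] = plan2.overwrites
        try:
            guard.commit(plan2, "# new\n", confirmed=True)
            results["overwrite_blocked"] = False
        except FileExistsError:
            results["overwrite_blocked"] = True
        results["content_unchanged"] = plan2.target.read_text(encoding="utf-8") == "# chain\n"
    return results


if __name__ == "__main__":
    print(demo())
```

The split between plan_write() and commit() is the point: the plan (resolved path, whether it overwrites, size) is what the agent must present to the user, and nothing is written until the user has confirmed and, for an existing file, explicitly allowed the overwrite.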

Natural-Language Policy Violations

Severity: Medium
Confidence: 93%
Finding
The file is entirely written in Chinese and presents all reliability guidance, warnings, and output templates only in Chinese, without indicating multilingual support or language selection. This can cause users or downstream agents operating in other languages to misunderstand safety-relevant constraints, reducing correct use of the reliability model and increasing the chance of skipped safeguards or incorrect ARG chain design.

VirusTotal

65 of 65 vendors reported this skill as clean.
