Project Management Guru (ADHD)

Security checks across malware telemetry and agentic risk

Overview

The skill is instruction-only and mostly purpose-aligned, but it describes sensitive workplace monitoring and forceful interventions without clear consent, opt-out, or privacy boundaries.

Review carefully before installing or using this in a workplace. It is safest as advice-only guidance. Do not connect it to Slack, GitHub, calendars, or time tracking unless every affected person has opted in, recipients and message frequency are constrained, and data retention and escalation rules are documented. Avoid using the coercive break language or any physical-intervention workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Description-Behavior Mismatch

Medium (94% confidence)
Finding
The implementation materially diverges from the documented safety protocol: it infers hyperfocus after roughly 10 minutes of continuous activity and never checks the stated conditions for suppressing intervention. In a monitoring-and-outreach skill, this mismatch can trigger unnecessary or mistimed interventions, creating privacy, autonomy, and workflow harms for the engineer being monitored.

Natural-Language Policy Violations

Medium (89% confidence)
Finding
The text presents ADHD engineers as categorically suffering greater productivity loss than neurotypical engineers in absolute terms, without sourcing, qualification, or framing as an individualized experience. In a workplace-oriented skill, this can reinforce stigmatizing assumptions, invite discriminatory decision-making, and normalize treating ADHD workers as inherently less efficient.

Natural-Language Policy Violations

High (97% confidence)
Finding
The skill prescribes forced intervention ('physical visit', 'video call', 'non-negotiable') and uses quasi-medical coercive language without evidence of user opt-in or appropriate authority. In a workplace assistant context, this can normalize harassment, boundary violations, and unsafe health-related directives targeted at individuals based on inferred behavioral state.

Missing User Warnings

Medium (95% confidence)
Finding
The protocol defines behavioral surveillance using Slack presence, commit activity, and calendar blocks without any notice, consent, retention, or purpose-limitation guidance. This creates a privacy risk because employees may be monitored across multiple systems and categorized into mental-state-like buckets without transparency or safeguards.

Missing User Warnings

Medium (96% confidence)
Finding
The code operationalizes monitoring-triggered outreach by automatically sending DMs and scheduling follow-ups, but there is no indication the monitored person was informed or consented to this workflow. Automated intervention based on observed behavior increases the privacy and autonomy impact because the system is not merely collecting data; it is acting on it directly.

Missing User Warnings

Medium (86% confidence)
Finding
The skill describes automated Slack DMs and scheduled reminders without any explicit consent, opt-out, rate-limit transparency, or warning about workplace privacy implications. In a project-management context, automatically messaging employees about task status can expose sensitive workflow information, create unwanted monitoring pressure, and cause messaging abuse if enabled broadly or for the wrong recipient.

VirusTotal

65/65 vendors flagged this skill as clean.
