ClawHub

Interview Coach

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a local interview-coaching helper that stores practice data on the user’s machine without evidence of hidden network, credential, or destructive behavior.

Install if you want a local interview coach that remembers your prep context. Be aware it may save profile and practice history locally, and its broad triggers may activate on general interview-related requests; avoid storing details you do not want retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The skill documentation claims it needs `exec` to create a directory, but the declared manifest permissions only include `read` and `write`. This mismatch is a security issue because it misrepresents the skill's required capabilities, can confuse reviewers, and may normalize broader privilege requests later or indicate the design expects command execution despite not declaring it.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The top-level description activates on a very broad set of interview-related requests, including catch-all wording like 'any job interview task'. Overbroad activation increases the chance this skill intercepts unrelated user requests and gains access to local profile/history data in situations where the user did not intend to invoke persistent coaching behavior.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger list contains many common phrases such as 'interview tips', 'quick prep', and 'follow up email' without strong contextual constraints. These generic triggers can cause unintended activation, data reads/writes, and persistence in contexts where the user may be asking a general question rather than invoking this local-storage skill.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal