brand-voice

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only brand voice helper with disclosed local profile, hook, and usage-log behavior, and no evidence of hidden execution, credential access, or exfiltration.

Safe to install if you want reusable brand voice profiles. Review or disable the local event logging and learning behavior if you do not want usage history retained, and confirm the selected voice before publishing posts, emails, or other public-facing content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The skill is presented as a brand tone/style manager, but it also introduces event logging, hook integration, and engagement-learning behavior that materially expands its scope into telemetry and adaptive analytics. In an agent environment, undocumented or weakly justified side capabilities increase the risk of unnecessary data collection and unexpected execution paths beyond what a user would reasonably expect from a writing-style helper.

Context-Inappropriate Capability

Medium
Confidence: 84%
Finding
Learning tone patterns from engagement data goes beyond static brand-voice management and creates a feedback pipeline that may ingest behavioral or performance data without clear necessity. This is dangerous because it can normalize covert profiling or cross-skill data reuse in a skill whose stated purpose is only tone consistency.

Context-Inappropriate Capability

Low
Confidence: 87%
Finding
Recording per-use voice events is telemetry functionality not inherently required for selecting a writing profile. Even if the logged fields seem minimal, usage logs can reveal user behavior, platforms, and workflow patterns, and become sensitive when accumulated across time or correlated with other skill outputs.

Vague Triggers

Medium
Confidence: 80%
Finding
The trigger keywords are broad and overlap with ordinary writing requests such as 'writing style' or 'speaking style,' which increases the chance this skill will activate in contexts where the user did not intend to invoke it. In a multi-skill agent, overbroad activation can cause silent policy injection into unrelated tasks and widen the skill's practical influence.

Natural-Language Policy Violations

Medium
Confidence: 78%
Finding
The skill establishes a default persona and states that selectable voice behavior applies across content-creation skills, which can impose stylistic constraints without explicit per-request user consent. In context, this is not overtly malicious, but it is risky because it can override user intent, alter outputs system-wide, and make downstream writing behavior less transparent.

VirusTotal

62/62 vendors flagged this skill as clean.
