prompt-engineer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only prompt-engineering skill. Its behavior is consistent with its stated purpose; the findings below are usability and data-handling cautions, not evidence of abuse.

Before installing, treat this as a prompt-authoring helper, not a secret-safe prompt vault. Because the skill echoes the complete prompt text into its responses, do not ask it to include credentials, private system prompts, hidden chain-of-thought, or confidential customer data in generated prompts. If the implementation playbook the skill references is missing, the skill may give incomplete guidance; that is a completeness gap, not a sign of malicious behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 82%
Finding: The skill metadata description is broad enough to match a wide range of ordinary AI or prompt-related requests, which can cause over-invocation of this skill. This matters because it may insert strong behavioral instructions into unrelated tasks, increasing the chance of scope creep, user-intent override, or unsafe prompt generation in contexts where a narrower specialist skill should have been used.

Vague Triggers

Severity: Medium
Confidence: 87%
Finding: The use conditions are vague phrases such as 'prompt engineer tasks or workflows' and 'needing guidance', which give the router no clear boundary. In practice the skill can activate on loosely related requests, hijacking the assistant's response style and exposing users to unsolicited full-prompt outputs that may be inappropriate for the task.

Natural-Language Policy Violations

Severity: Low
Confidence: 76%
Finding: The instruction to ALWAYS display the complete prompt text forces a response format regardless of user intent. This is risky because it can override user preferences, reveal internal scaffolding unnecessarily, and encourage generation of copy-pastable prompts even in sensitive or higher-risk contexts where summaries, partial templates, or safer abstractions would be more appropriate.
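As an added illustration of the two finding types above (this is example code written for this page, not SkillSpector's scanner logic, whose rules are not published here), the following Python lint runs two heuristic checks over a SKILL.md-style manifest: a description built from catch-all phrases like the ones quoted in the findings, and a body carrying an absolute output directive of the "ALWAYS display the complete ..." form. The two sample manifests, the phrase list, the regular expression and the rule names are all assumptions made for the example; the broad sample only reuses the wording quoted above and is not the real skill's file.

```python
import re
from dataclasses import dataclass

# Constructed sample manifest for this example (not the real prompt-engineer
# skill); it reuses the trigger phrases quoted in the findings above.
SAMPLE_SKILL = """---
name: prompt-engineer
description: Use for any prompt engineer tasks or workflows, or when needing guidance on prompts.
---
# Prompt Engineer

Follow the implementation playbook. ALWAYS display the complete prompt text
in a fenced block at the end of the response.
"""

# Constructed counter-example: a narrow trigger and a conditional output format.
SAMPLE_SKILL_NARROW = """---
name: prompt-rewriter
description: Rewrite a user-pasted system prompt into a template with role, constraints and output schema. Trigger only when the user pastes a prompt and asks for a rewrite.
---
Return the rewritten prompt in a fenced block when the user asks for
copy-pastable output; otherwise summarise the changes made.
"""

# Phrases that name no concrete task and therefore match almost any request.
# The list is an assumption for this example, not a published rule set.
VAGUE_PATTERNS = {
    "any": r"\bany\b",
    "anything": r"\banything\b",
    "general": r"\bgeneral\b",
    "related to": r"\brelated to\b",
    "tasks or workflows": r"\btasks or workflows\b",
    "needing guidance": r"\bneeding guidance\b",
    "or when": r"\bor when\b",
}

# An absolute modal, then an output verb, then "complete/full/entire" in the
# same sentence: the shape of "ALWAYS display the complete prompt text".
FORCED_FORMAT_RE = re.compile(
    r"\b(always|never|must)\b[^.\n]{0,60}?"
    r"\b(display|show|output|print|include)\b[^.\n]{0,40}?"
    r"\b(complete|full|entire)\b",
    re.IGNORECASE,
)


@dataclass
class Finding:
    rule: str
    severity: str
    evidence: str


def parse_skill(text):
    """Split a SKILL.md-style file into its frontmatter (key: value) and body."""
    lines = text.strip().splitlines()
    if not lines or lines[0].strip() != "---":
        return {}, text
    meta = {}
    for i, line in enumerate(lines[1:], start=1):
        if line.strip() == "---":
            return meta, "\n".join(lines[i + 1:])
        if ":" in line:
            key, value = line.split(":", 1)
            meta[key.strip().lower()] = value.strip()
    return meta, text  # unterminated frontmatter: treat the whole file as body


def check_vague_triggers(description):
    """Flag a description broad enough to route unrelated requests to the skill."""
    desc = description.lower()
    hits = [label for label, rx in VAGUE_PATTERNS.items() if re.search(rx, desc)]
    # Every "or" widens the routing condition; three or more is a catch-all.
    disjunctions = len(re.findall(r"\bor\b", desc))
    if not hits and disjunctions < 3:
        return []
    evidence = f"vague phrases: {', '.join(hits) or 'none'}; {disjunctions} 'or' clauses"
    return [Finding("vague-trigger", "medium", evidence)]


def check_forced_format(body):
    """Flag absolute output directives that ignore user intent."""
    return [Finding("forced-format", "low", m.group(0)) for m in FORCED_FORMAT_RE.finditer(body)]


def lint_skill(text):
    """Run both checks over one manifest and return the findings in order."""
    meta, body = parse_skill(text)
    return check_vague_triggers(meta.get("description", "")) + check_forced_format(body)


if __name__ == "__main__":
    for finding in lint_skill(SAMPLE_SKILL):
        print(f"[{finding.severity}] {finding.rule}: {finding.evidence}")
```

The narrow counter-example passes both checks because its description names a concrete input and output and its format instruction is conditional on what the user asked for; that is the shape of the fix the findings imply.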

VirusTotal

0 of 66 vendors flagged this skill; all 66 reported it clean.
