ClawHub

Nudge CLI

Security checks across malware telemetry and agentic risk

Overview

This skill documents a real accountability CLI, but it also guides agents to collect embarrassing secrets and automatically disclose them to contacts as punishment.

Install only if you intentionally want this kind of high-stakes accountability. Use harmless test content instead of real damaging secrets, verify every recipient and token scope, inspect the installer before running it, and confirm you can cancel tasks, delete stored secrets, and disable messaging punishments before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The activation description is overly broad and can cause this skill to trigger in many routine contexts involving tasks, secrets, setup, or command help. That increases the chance the agent will steer users into this skill's high-risk workflow, including collection of sensitive disclosures, when a narrower help skill or safer response would be more appropriate.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill explicitly instructs the agent to collect embarrassing secrets and store them without a meaningful privacy warning, consent checkpoint, retention explanation, or safety boundary. Because the stated purpose is later disclosure as punishment, the data collection is especially dangerous and creates coercion, privacy, and abuse risks rather than ordinary note-taking risk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The reference explicitly documents commands that can send secrets or punishment messages to external targets, but it provides no warning, consent guidance, or privacy caveats. In this skill’s context, the feature is intentionally designed to disclose sensitive content to third parties, so omission of user-facing warnings materially increases the risk of accidental privacy harm or coercive misuse.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The setup examples show entering a live token and configuring external messaging destinations, but they do not warn about credential exposure, secret handling, or the privacy implications of outbound messaging. This is dangerous because users may paste real credentials into insecure environments or configure automated disclosure channels without understanding the consequences.

Ssd 3

High
Confidence
99% confidence
Finding
This section operationalizes solicitation and storage of highly sensitive disclosures specifically for punitive later disclosure. That is a true safety and security issue because it creates a built-in extortion or blackmail mechanism that could be misused by the system, other users, or anyone with access to stored data.

Ssd 3

High
Confidence
99% confidence
Finding
The welcome text normalizes a coercive model in which failure leads to disclosure of embarrassing secrets to people the user cares about. Even if framed as motivation, this is harmful by design because it encourages collection and threatened release of sensitive information, which can lead to severe emotional, social, and reputational harm.

Ssd 4

High
Confidence
97% confidence
Finding
The onboarding sequence is dangerous in context because it progressively builds trust, configures a delivery channel to third parties, gathers embarrassing secrets, and then binds task failure to disclosure. This staged flow materially increases risk by making a coercive punishment pipeline easy to set up and socially targeted.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal