ClawHub

Pa Eval

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate performance-evaluation helper, but it asks to run and log feedback automatically without clear user control.

Install only if you want recurring assistant-performance tracking. Before enabling it, confirm when it runs, where records are stored, how to disable automatic logging, and how to inspect or delete saved evaluations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill is configured to run automatically every 7 days and later includes a shell script that creates and writes evaluation files under the user's workspace without any explicit consent step. Even though the data appears operational rather than highly sensitive, silent persistence can create privacy, auditability, and unwanted side-effect risks, especially when owner feedback and performance history are stored automatically.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The description says to use the skill for broad situations like assessing response quality or identifying areas for improvement, which are common and subjective conditions. Overbroad activation criteria increase the chance the skill runs unintentionally, causing unsolicited evaluation, logging, and file-writing behaviors in normal conversation.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The phrase 'how am I doing?' is a common conversational expression that may appear in many contexts unrelated to a formal evaluation. Using it as an automatic trigger without additional scoping can invoke the skill unexpectedly and generate analysis or persistence actions the user did not intend.

VirusTotal

39/39 vendors flagged this skill as clean.

View on VirusTotal