ClawHub

Apollo Research Synthesis

Security checks across malware telemetry and agentic risk

Overview

This is a transparent instruction-only workflow skill for coordinating multi-agent research, with no executable code, installs, credentials, or hidden data handling.

Install this if you want agents to use a parallel-research and coordinator-synthesis workflow. Review when it activates, since generic terms like summarizing or synthesizing could load it in broader contexts than intended, and keep sub-agent/tool permissions appropriate for the specific task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list contains broad, high-frequency terms such as “综合”, “汇总”, “Coordinator”, and “delegation”, which can cause this skill to activate in many unrelated conversations. Over-broad activation increases the chance that workflow instructions about spawning agents, isolation, and task decomposition are injected into contexts where they are unnecessary or inappropriate, potentially altering agent behavior unexpectedly.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The read_when conditions are broad and ambiguous, covering common situations like decomposing complex problems or summarizing multiple sources. Because these are routine tasks for many agents, the skill may be loaded too often and steer the agent toward a specific coordination model even when the user did not request multi-agent behavior, creating unnecessary delegation or workflow manipulation risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal