ClawHub

Party Planner Pro

Security checks across malware telemetry and agentic risk

Overview

Party Planner Pro is a coherent local event-planning skill, though users should treat its guest, budget, dietary, and venue data as private.

Install only if you are comfortable storing party details, guest contact information, dietary/allergy notes, venue addresses, vendor details, and budget data as local plaintext files. Review scripts before running setup, verify paths before uninstalling, and avoid sharing exported reports unless you have checked them for private information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The README advertises activation with a very broad natural-language phrase: "Help me plan a birthday party for 30 people." Broad, everyday triggers increase the chance the skill is invoked unintentionally during unrelated conversations that mention planning a party, which can cause unwanted context switching or execution of skill behaviors without clear user intent. The self-attested security language in the README does not reduce this risk and should not be relied on.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The setup block instructs the user to create directories, change file permissions, and execute a shell script with no safety warning, no request for inspection, and no explanation of trust assumptions. Because the file explicitly tells users to paste the block into an AI agent and run commands exactly, it increases the chance of blind execution of installer logic that could be modified or malicious.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The uninstall instructions use a destructive recursive deletion command and only briefly mention backing up data. Even though the target path is relatively scoped, users are being encouraged to run an irreversible command without stronger safeguards, confirmation steps, or validation of the path.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill advertises activation for very broad situations like any conversation about parties, events, guest lists, budgets, menus, timelines, or vendors. Overbroad triggers increase the chance the skill activates in unrelated contexts and gains access to or influences conversations containing personal planning data without sufficiently clear user intent.

Vague Triggers

Medium
Confidence
95% confidence
Finding
Many capability sections are triggered by generic phrases such as 'add guests,' 'set a budget,' 'create a timeline,' or 'vendor contacts,' with no confirmation step. This can cause unintended execution, file creation, or modification of sensitive event records based on ambiguous conversational language.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The script exports potentially sensitive personal and event data, including guest counts, dietary restrictions, venue details, and budget information, into a shareable markdown report. Even though the file is created with restrictive permissions, the feature materially increases the chance of unintended disclosure because it is explicitly designed for redistribution and provides no warning, minimization, or consent gate.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal