Prompt Optimizer

Security checks across malware telemetry and agentic risk

Overview

This is a local prompt-rewriting tool; its broad prompt handling and local prompt display/cache behavior are visible and aligned with that purpose.

Install this only if you want a Chinese-oriented local utility that rewrites prompts before they are sent to an AI. Use explicit invocation rather than broad auto-routing, and avoid secrets or sensitive internal text unless you disable caching and are comfortable with console or output-file exposure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 87%
Finding
The documented triggers include very broad, everyday phrases such as asking to write code, check weather, summarize, or chat, without clear activation boundaries or disambiguation rules. In an agent skill system, this can cause the skill to activate unintentionally across many unrelated user requests, leading to prompt hijacking of normal conversations and over-application of its instruction template.

Vague Triggers

Medium
Confidence: 82%
Finding
The manifest description promises to automatically translate vague requests into precise AI-executable instructions, but it does not define any trigger boundaries, scope limits, or user-consent conditions. This kind of broad activation language can cause the skill to be invoked in unintended contexts and may enable overbroad prompt rewriting that changes user intent or introduces unsafe instruction expansion.

Ssd 3

Medium
Confidence: 87%
Finding
The skill keeps optimized prompt content in a module-global cache keyed by a hash of the original prompt, creating in-memory retention of user-supplied natural-language data across calls. In a multi-user or long-lived process, sensitive prompts can persist longer than expected and may be exposed indirectly through later outputs, debugging, memory inspection, or operational incidents.

Ssd 3

Medium
Confidence: 95%
Finding
The tool explicitly includes original and optimized prompts in formatted output and serialization methods, which can disclose secrets, personal data, or proprietary text entered by users. Because this is a prompt-processing skill, the primary data it handles is free-form user input, so echoing and exporting it in plain text materially increases disclosure risk in terminals, logs, files, and downstream systems.

VirusTotal

67/67 vendors flagged this skill as clean.
