Security audit

Workflow Optimizer

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only workflow optimization skill, with no executable code or hidden access, but users should scope any workflow data they share.

Reasonable to install as an analysis aid. Before using it on business or personal workflows, explicitly limit what task data the agent may consider, and review any generated automation scripts, scheduled jobs, webhooks, or monitoring ideas before implementing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding
The invocation examples use very broad prompts such as analyzing or optimizing an unspecified process, without defining what data sources, permissions, or operational boundaries the skill may use. In an agent environment, this can cause over-collection of context or unintended actions on unrelated workflows because the activation scope is underspecified.

Vague Triggers

Medium
Confidence: 90%
Finding
The skill is introduced through broad use scenarios rather than clear activation rules, making it ambiguous when the agent should invoke it and what inputs are in scope. That ambiguity increases the chance of inappropriate triggering, context bleed from unrelated tasks, or analysis of sensitive operational data the user did not intend to expose.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation states that the system automatically collects task execution data, generates reports, and identifies optimization opportunities, but it does not warn users about privacy, retention, consent, or sensitivity implications. This is dangerous because workflow telemetry can include behavioral, operational, and potentially confidential business information, creating a meaningful risk of unauthorized monitoring or data misuse.

VirusTotal

No VirusTotal findings

Static analysis

No suspicious patterns detected.