Phy Ai Context Gen

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed project-scanning helper that generates AI assistant context files, with no hidden executable code or evidence of exfiltration.

Install this only in repositories you are comfortable having an assistant inspect. Review the generated CLAUDE.md, AGENTS.md, .cursorrules, .windsurfrules, and Copilot instructions before approving writes, especially to avoid embedding real secrets or overly broad future-agent permissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (95% confidence)

Finding
The trigger phrases are broad, natural-language requests such as 'set up AI context' and 'help the AI understand this project', which can plausibly appear during normal conversation and cause unintended invocation. Because this skill performs broad repository reads and may generate or overwrite multiple files, accidental activation can expose sensitive project details to the agent workflow and lead to unintended file modifications.

Missing User Warnings

Medium (97% confidence)

Finding
The description emphasizes convenience but does not clearly warn that the skill will inspect many repository files, potentially including sensitive configuration or context-bearing files, and create five output files in the repo. Users may invoke it without realizing the scope of file access and write operations, which weakens informed consent and increases the chance of sensitive data exposure or unintended repository changes.

VirusTotal

64/64 vendors flagged this skill as clean.