Phy Cwv Budget Guard

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local Core Web Vitals auditing skill that runs Lighthouse and stores local performance history, with no evidence of hidden or unrelated behavior.

Install this if you are comfortable letting the agent run local npm/npx, Lighthouse, Chrome, and Python commands against URLs you provide. Prefer explicit /cwv-check invocations, avoid auditing sensitive authenticated pages unless intended, and consider adding generated files such as cwv-report.json and .cwv-history.json to .gitignore because history can include staging URLs, branch names, and git SHAs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
74% confidence
Finding
Using "core web vitals" as a standalone trigger is ambiguous because it may appear in normal advisory conversations rather than as a command to execute tooling. That ambiguity can cause unintended skill execution, especially since the skill includes package downloads, local server interaction, and file writes.

Vague Triggers

Low
Confidence
74% confidence
Finding
Using "core web vitals" as a standalone trigger is ambiguous because it may appear in normal advisory conversations rather than as a command to execute tooling. That ambiguity can cause unintended skill execution, especially since the skill includes package downloads, local server interaction, and file writes.

Vague Triggers

Low
Confidence
79% confidence
Finding
Unclear activation boundaries make it harder for the agent to distinguish analysis requests from casual discussion, which raises the risk of accidental tool use. In this skill, that matters because activation can cascade into running Lighthouse via npx, contacting URLs, and persisting local history data.

VirusTotal

66/66 vendors flagged this skill as clean.
