Openclaw Coworker Prompts

Security checks across malware telemetry and agentic risk

Overview

This is a text-only prompt pack with broad professional-use prompts; it does not install code, hide behavior, or act automatically.

Install only if you want a general prompt library. Review each prompt before use, grant the minimum tools needed for that specific agent, avoid memory for sensitive data unless retention is understood, and require qualified human review for medical, legal, payroll, finance, security, or operational outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README includes healthcare-oriented prompts such as patient summarization, care planning, and mental health support without accompanying warnings about protected health information, regulatory obligations, or the limits of AI-generated medical assistance. In this distribution context, users are explicitly encouraged to deploy these prompts as agents with tools, which increases the chance they will be used on real patient data or for quasi-clinical guidance without safeguards.

Vague Triggers

Medium
Confidence: 88%
Finding
The skill description is extremely broad and encourages deployment of agents across many professions without defining trigger boundaries, approval requirements, or domain-specific safeguards. In a prompt-pack skill that also permits powerful tools, this can lead users to instantiate agents in sensitive contexts with unclear limits, increasing the chance of unsafe autonomous behavior.

Missing User Warnings

Medium
Confidence: 91%
Finding
The installation guidance tells users to assign tools like web and exec based on role, but provides no warning that these capabilities can execute commands, access external content, or affect the local environment. Because this is a generic prompt pack rather than a narrowly scoped operational skill, enabling powerful tools without safety guidance makes accidental over-privileging likely.

Missing User Warnings

Medium
Confidence: 95%
Finding
The sample agent explicitly recommends an exec/edit-capable configuration for pull request review, even though that task normally only requires read access and commenting. This can normalize granting code execution and file modification privileges to a review agent, creating unnecessary risk of workspace tampering, command execution, or abuse if the prompt or reviewed content is adversarial.

VirusTotal

64/64 vendors flagged this skill as clean.
