In Person Prospecting Route Planner

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable sales route-planning skill with disclosed local file inputs and a route-sheet output, though users should keep its data access narrow.

Install only in a workspace that contains the appointment, prospect-list, and CRM/account-note files you intend the agent to use. Review the generated route sheet before sharing because it may include addresses, decision-maker names, sales notes, and follow-up details; explicitly tell the agent whether web or LinkedIn research is allowed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Severity: Medium
Confidence: 90%
Finding
The skill declares a local document/map directory scope with only Read/Write tools, but its instructions tell the agent to use the prospect's website and LinkedIn profile for personalized research. That expands behavior beyond the declared trust boundary and can lead to unintended browsing, collection of external data, or tool/escalation mismatches if an execution environment later permits network access. In a sales-routing skill, this is not necessary for core functionality, so the mismatch is a real scope-creep vulnerability rather than a harmless suggestion.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding
The trigger list includes broad phrases such as 'planning my field day' and 'driving around my territory' that are common conversational language and may activate the skill outside a clearly bounded routing request. Over-broad activation is dangerous because this skill reads workspace documents and writes route-sheet files, so accidental invocation could cause unintended data processing or file creation in unrelated contexts. The sales context lowers direct security severity, but the combination of discovery triggers and file operations makes this a genuine unsafe-activation issue.

Missing User Warnings

Severity: Low
Confidence: 88%
Finding
The skill instructs the agent to produce and write `route-sheet-{date}.md` but does not require any notice, confirmation, or consent before modifying workspace files. Silent file creation is a real safety issue because users may not expect persistent artifacts to be written, and accidental activation or repeated runs can clutter or overwrite planning outputs. In this context the impact is limited because the file content is operational planning, but undisclosed writes still violate least surprise and safe tool-use practices.

VirusTotal

66/66 vendors flagged this skill as clean.