ClawHub

Prospect List Tiering

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent sales workflow that reads prospect lists and writes prioritization outputs, with no hidden code, installs, network use, or credential handling found.

Install this only in a workspace where the agent is allowed to read prospect or CRM exports and create the two output files. Use a scoped directory with only the intended prospect files, and check for existing tiered-prospect-list.md or daily-action-plan.md files if overwriting would matter.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The manifest description contains very broad trigger language such as general requests to prioritize accounts, clean a CRM, or decide who to call first. In an agent-routing context, this can cause the skill to be invoked for ordinary sales-planning conversations outside its intended scope, increasing the chance it reads local prospect files and generates outputs without the user's specific intent to run this workflow.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes ambiguous phrases like 'who should I call first,' 'account prioritization,' and 'qualified prospects,' which are common across many sales workflows. Because discovery triggers often drive automatic skill selection, these generic cues can misroute unrelated conversations into a file-reading, file-writing workflow, creating unintended data access and action execution.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill directs the agent to write named output files in the working directory but does not tell the user beforehand that files will be created or potentially overwritten. In agent environments with shared or important working directories, silent writes can destroy prior analysis artifacts, alter user data unexpectedly, or leave sensitive prospect information in new files the user did not authorize.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal