ClawHub

Smart Teacher

Security checks across malware telemetry and agentic risk

Overview

Smart Teacher is a small offline education-planning skill that generates lesson plans, schedules, rubrics, and assessments without hidden data access or persistence.

Reasonable to install for classroom planning. Be aware that common education phrases may invoke it, and avoid entering sensitive student information unless that is appropriate for your local privacy requirements.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill requests Bash permission even though its documented purpose is content generation for lesson plans, schedules, rubrics, and assessments. This expands the attack surface unnecessarily: if the skill is invoked or extended with untrusted input, shell access could enable file system access, command execution, or data exfiltration that is unrelated to the stated educational function.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger phrase "assessment" is very broad and likely to match many ordinary educational or evaluative requests outside the user's intent to invoke this specific skill. Overly generic triggers can cause accidental activation, unexpected tool execution, and broaden exposure to any permissions the skill holds, which is more concerning here because the manifest also grants Bash capability.

Vague Triggers

Medium
Confidence
74% confidence
Finding
The trigger phrase "learning objectives" is generic educational language that may activate the skill during normal discussion rather than an explicit request to use the tool. While not directly harmful by itself, ambiguous activation can lead to unintended behavior and increases risk when combined with unnecessary elevated permissions like Bash.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal