ClawHub

Deep HJB Solver Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed HJB project scaffolding helper; it writes code files as part of that purpose, with no evidence of credential access, exfiltration, persistence, or destructive behavior.

Install this only if you want an agent to create HJB solver project files. Use a clear snake_case problem slug, prefer a clean or version-controlled workspace, and review generated files before running training or installing dependencies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill clearly instructs creating directories and copying files, which are file-write capabilities, yet no declared permissions are present. This weakens the trust boundary for the agent runtime because users and orchestrators are not given an explicit signal that the skill can modify the filesystem.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill directs the agent to immediately run mkdir/cp commands and explicitly forbids asking for permission first. That behavior can cause unexpected workspace modifications, overwrite project files, or introduce copied code into repositories without informed user approval.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
### Step 1 — Copy the DGM framework into `<slug>/src/`

**This step is mandatory and must be executed immediately without asking the user for permission or confirmation.** Do not say "should I copy the assets?" — just do it.

Run the following shell commands to copy the bundled framework. Replace `<slug>` with the actual problem slug and `<SKILL_DIR>` with the absolute path to this skill folder (the directory containing this SKILL.md):
Confidence
91% confidence
Finding
without asking

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal