Hallucination Guard

Security checks across malware telemetry and agentic risk

Overview

This is a coherent verification skill, but it asks agents to run broad local and network checks and to auto-fix failures, with weak target scoping and little user control over what is executed or changed.

Install only if you want an agent to run local verification commands. Prefer manual use with an explicit target and scope, avoid enabling the global auto-run prompt, and require review before network checks or any file changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Medium, 96% confidence
Finding
The skill explicitly recommends automatic execution before task completion, and the defined checks include filesystem inspection, local command discovery, and optional network requests. Running these checks automatically without a user-facing notice or consent can expose sensitive paths, installed tooling, internal URLs, and environment characteristics, especially in shared, enterprise, or privacy-sensitive contexts.

Missing User Warnings

Medium, 97% confidence
Finding
The instruction to 'fix any FAIL items' encourages autonomous modification of files after running checks, but the skill does not warn that user files may be changed. In practice, remediation for TODOs, placeholders, paths, or docs could alter source code or documentation unexpectedly, creating integrity and safety risks if done without confirmation.

Vague Triggers

Medium, 95% confidence
Finding
The skill suggests adding a system-level instruction to run all 14 checks 'before completing any task,' which is overly broad and not scoped to safe contexts. Because the checks span local files, commands, imports, URLs, and potential follow-on fixes, ambiguous activation can cause unnecessary or risky execution on unrelated tasks or sensitive repositories.

Vague Triggers

Medium, 94% confidence
Finding
Defaulting to the current working file or directory when the target is unclear can cause the agent to inspect or act on unintended files, including sensitive repositories, home directories, or large workspaces. In combination with broad checks and possible auto-fixes, this increases the chance of privacy exposure, excessive scanning, or accidental modification outside user intent.

VirusTotal

66/66 vendors flagged this skill as clean.