revol-guide-creator

Security checks across malware telemetry and agentic risk

Overview

This is a local documentation helper whose file reads and writes match its stated purpose.

Install this only if you want an agent to maintain project guide files. Confirm the project root before running scripts, review generated Markdown changes, and avoid --force unless replacing existing start.md or guide/ files is intentional.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 88%
Finding: The skill instructs the agent to read and write project files and to run local helper scripts, but it does not declare permissions or present explicit user-facing guardrails around those capabilities. This creates a mismatch between what the skill can cause the agent to do and what a user may reasonably expect, increasing the chance of unintended file modification or overbroad access during execution.

Vague Triggers

Medium
Confidence: 90%
Finding: The 'context recovery' activation condition is ambiguous and encourages automatic reading of project documentation at the start of a new conversation without a clear, current user request. That can lead to unauthorized or unnecessary access to potentially sensitive local files, especially because the workflow recommends reading multiple documents in sequence.

Vague Triggers

Medium
Confidence: 90%
Finding: The 'context recovery' activation condition is ambiguous and encourages automatic reading of project documentation at the start of a new conversation without a clear, current user request. That can lead to unauthorized or unnecessary access to potentially sensitive local files, especially because the workflow recommends reading multiple documents in sequence.

Missing User Warnings

Medium
Confidence: 86%
Finding: The skill description explains initialization and update behavior but does not prominently warn that these modes create new documentation files and append to existing ones. Without that notice, users may invoke the skill expecting advice only and instead cause persistent changes to a repository or working tree.

Missing User Warnings

Low
Confidence: 80%
Finding: The context-recovery workflow directs the agent to read project documents in a prioritized sequence but provides no privacy warning or consent checkpoint before accessing those files. In repositories that contain secrets, internal architecture details, or sensitive operational notes, this can expose more information than necessary for the user's immediate task.

VirusTotal

64/64 vendors flagged this skill as clean.
