Security audit

Press Release Writer

Security checks across malware telemetry and agentic risk

Overview

This is a normal press-release writing skill, but it includes an under-scoped step that may pass sensitive draft announcements to an unspecified humanizer skill.

Use this skill only with clear workspace boundaries and review any generated or edited files. For confidential, embargoed, financial, legal, crisis, acquisition, or breach announcements, instruct the agent to skip the humanizer/delegation step unless you explicitly approve the exact tool and content to share.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The skill explicitly instructs the agent to invoke a separate 'humanizer' or 'AI detection cleanup' capability, which goes beyond the core press-release-writing function and creates unnecessary cross-skill/tool chaining. This expands the attack surface, can route sensitive draft content into unrelated processing paths, and may enable policy evasion by reframing content as making text appear more human or less detectable.

Vague Triggers

Medium
Confidence: 84%
Finding
The description includes a very broad trigger phrase such as 'I need to announce something,' which can match many unrelated user intents and cause the skill to activate when a press-release workflow is not appropriate. Over-broad invocation increases the chance of unintended file reads, unnecessary question flows, or inappropriate drafting behavior in contexts outside PR writing.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.