ClawHub

Intelligence Ingestion

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-built for local intelligence archiving, but it needs review because broad auto-triggers can cause network fetches and persistent workspace writes, and its browser-session language is inconsistent.

Install only if you want this skill to create durable local knowledge records from links or pasted content. Use explicit invocation, keep your Obsidian vault backed up, review generated skill drafts before moving them into active skills, and avoid granting browser or Chrome session access unless the publisher clarifies and scopes that behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger guidance is broad enough to match common conversational phrases like 'analyze this' or 'what do you think about this,' which can cause the skill to activate in situations the user did not intend. In this skill, unintended activation is more dangerous than usual because execution includes network fetching, reading existing skills, and writing multiple local files, increasing privacy and integrity risk from routine conversation.

Vague Triggers

Medium
Confidence
95% confidence
Finding
Auto-triggering on broadly defined behaviors like sharing or forwarding content creates ambiguous activation boundaries and may ingest content from chat history or forwarded material without sufficiently explicit consent. In context, this is amplified by the skill's 'never return empty-handed' policy and its persistence behavior, which can lead to multiple external requests and durable storage of potentially sensitive content.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The auto-trigger phrase 'analyze this' is so generic that it is likely to match ordinary conversation, causing the skill to activate when the user did not specifically intend strategic ingestion. In this skill's context, unintended activation is more dangerous because the skill can perform network fetches, read/write local files, append to memory logs, and generate draft skills, turning a conversational misfire into persistent side effects.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal