Dmaic Process Improvement

Security checks across malware telemetry and agentic risk

Overview

This is a text-only DMAIC coaching skill whose business-data questions and report generation match its stated process-improvement purpose, though users should avoid sharing confidential details unnecessarily.

Install only if you are comfortable using it for internal process-improvement planning. Do not upload trade secrets, credentials, regulated personal data, or highly confidential operational files unless necessary, and review or redact generated reports before saving or sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Intent-Code Divergence

Severity: Low
Confidence: 81%
Finding
The skill claims it can read uploaded attachment text but defines no parsing boundaries, file-type restrictions, trust model, or handling rules. In an agent setting, unclear attachment-processing behavior can lead to unintended ingestion of sensitive data, prompt-injection via document contents, or overbroad extraction beyond user expectations.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding
The documented trigger phrases include broad everyday expressions such as “质量分析” and “六西格玛”, which can plausibly appear in normal conversation and cause unintended skill activation. In an interactive skill that elicits detailed business/process information, accidental invocation increases the chance of collecting or exposing sensitive operational context without clear user intent.

Missing User Warnings

Severity: Low
Confidence: 83%
Finding
The README states that the skill will automatically generate detailed documents and full project reports, but it does not clearly warn users that their inputs may be compiled into outputs. Because DMAIC projects often involve internal quality issues, customer complaints, process defects, and operational metrics, this can broaden the exposure of sensitive business information beyond what users expect.

Vague Triggers

Severity: Medium
Confidence: 79%
Finding
Broad trigger phrases like '流程改进' or '质量分析' can cause the skill to activate in contexts where the user did not intend a structured DMAIC workflow. Mis-triggering can unexpectedly initiate extensive data collection and document generation, increasing privacy and operational risk.

Vague Triggers

Severity: Medium
Confidence: 75%
Finding
The activation examples are vague enough that ordinary process-improvement questions may start the skill without clear user consent. In this skill's context, that matters because activation leads into structured questioning, optional file reading, and storage/summarization of business context.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The skill invites users to upload files and states that the AI can read attachment text, but it gives no privacy notice, retention statement, or sensitivity warning. That can cause users to disclose internal business documents without understanding how the data will be processed or summarized.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The background questionnaire requests potentially sensitive organizational, business, role, and operational-constraint information, yet does not explain necessity, handling, retention, or downstream use. This creates avoidable data-exposure risk because the skill later uses and stores the information in summaries and reports.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The final report is designed to aggregate background context and all stage outputs, which may include sensitive operational, financial, and customer-related information. Without a warning or redaction controls, users may inadvertently generate a consolidated sensitive document that is easier to share or expose than the original fragmented inputs.

VirusTotal

64/64 vendors flagged this skill as clean.