ClawHub

Expert Insist

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed prompt-only advice-quality skill with broad auto-triggering, but no code execution, data access, credentials, networking, or destructive behavior.

Install this if you want the assistant to be more opinionated and self-critical when giving advice. Be aware it may activate on broad words like analyze, recommend, or suggest, so narrow or disable it if it interferes with factual answers, coding tasks, or other skills.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The README states the skill auto-triggers on broad opinion-oriented phrases such as 'analyze this', 'recommend', and strategy/planning questions. In an agent framework, such wide matching can cause the skill to activate on many ordinary requests without explicit user intent, unpredictably altering the assistant's behavior and inserting hidden prompt logic into unrelated conversations. In this context, the risk is real but moderated because the skill is framed as advice-quality control rather than exfiltration or privilege escalation.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The auto-trigger conditions are very broad and match common advisory language such as “建议”, “分析”, and “推荐”, which can cause the skill to activate in many ordinary conversations where the user did not intend to invoke this behavior. That creates prompt-routing ambiguity and increases the chance that this skill overrides more appropriate skills or injects an unsolicited opinionated response pattern into unrelated tasks.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal