Skills Builder

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only helper for creating Skills, with no code or credential access, but users should review generated Skills before installing them because they can shape future agent behavior.

Safe to install for guided Skill creation. Before installing any Skill it generates, read the full SKILL.md, narrow broad trigger phrases, remove private or sensitive examples, and avoid preserving instructions that should not affect future conversations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 90%
Finding
The description includes broad trigger phrases such as 'I want to customize your behavior' and 'help me make a template', which can overlap with many benign user requests and cause the skill to activate unexpectedly. Because this skill can generate persistent behavior instructions, over-triggering increases the chance of unintended skill creation, capture of unrelated user intent, or confusion about when the agent is modifying long-term behavior versus answering a normal request.

Missing User Warnings

Medium
Confidence: 82%
Finding
The skill directs the agent to automatically generate a SKILL.md artifact after confirmation, but does not require a clear warning that a file-like deliverable is being created or that its contents may persist and affect later behavior. In a skill-building context, this is risky because non-technical users may not understand they are creating reusable instructions that can later activate automatically.

Vague Triggers

Medium
Confidence: 97%
Finding
The listed 'universal trigger phrases' are extremely generic requests such as asking to customize behavior or save a workflow, which can overlap with ordinary user conversations and cause unintended activation of the skill. In a skill-builder context, this increases the chance that the agent will enter skill-creation behavior when the user did not explicitly intend to do so, potentially disrupting normal operation or causing unreviewed skill-generation flows to start.

Ssd 3

Medium
Confidence: 95%
Finding
The instruction to 'look back at our conversation' and automatically extract rules from chat history lacks scope limits, minimization requirements, or an explicit permission checkpoint. This can cause sensitive information from prior messages to be repurposed into a persistent skill artifact, exposing private preferences, confidential workflows, or regulated data beyond the user's intended scope.

VirusTotal

63/63 vendors flagged this skill as clean.