Caveman

Security checks across malware telemetry and agentic risk

Overview

This skill mainly changes the assistant into a deliberately terse writing style and does not show hidden data access, destructive behavior, or privileged actions.

Install only if you want terse caveman-style answers. Use "normal mode" or "stop caveman" when clarity, nuance, legal/medical/security wording, or formal output matters. Do not run the benchmark script unless you intend to use the Anthropic API and are comfortable with it reading local environment settings and writing local benchmark results.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger phrase "less tokens please" is broad and plausibly overlaps with ordinary user requests about concise answers. That can activate the skill unintentionally and change assistant behavior without clear user opt-in, which is risky for a plugin that persists across sessions.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The README describes behavior that systematically rewrites responses into a constrained "caveman" style, removing articles, pleasantries, and hedging by default once active. This can override user-preferred communication style and reduce nuance in sensitive contexts, especially if the mode is triggered accidentally or remains enabled across sessions.

Vague Triggers

Medium
Confidence: 92%
Finding
The skill defines broad trigger phrases such as "be brief," "less tokens," and automatic activation whenever token efficiency is requested. This can cause the mode to activate during ordinary user requests that are not an explicit opt-in, changing assistant behavior unexpectedly and potentially degrading clarity, safety nuance, or task suitability.

Natural-Language Policy Violations

Low
Confidence: 84%
Finding
The skill enforces a distinct communication style and also permits activation from broad phrases rather than strong, explicit consent. While not directly enabling code execution or data exfiltration, it can override expected assistant behavior and reduce response quality or precision in contexts where normal phrasing is important.

Vague Triggers

Medium
Confidence: 93%
Finding
The skill declares broad auto-trigger phrases like "be brief," "less tokens," and automatic activation when token efficiency is requested. This can cause unintended mode switching, altering response style without clear confirmation and potentially degrading usability or causing the assistant to ignore a user's preferred communication format.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The core rule directs the assistant to always respond in a constrained style once the skill is active, but the skill does not ensure explicit user consent at activation time. In practice, this can create unwanted behavior changes, especially when combined with vague triggers, and may reduce clarity for safety-sensitive or nuanced responses.

Vague Triggers

Medium
Confidence: 88%
Finding
The skill advertises broad auto-trigger phrases such as 'be brief' and 'less tokens', which can activate the mode in contexts where the user did not explicitly request a persistent response-style change. This is a real policy/quality weakness because it can unexpectedly alter assistant behavior, though it does not introduce direct code execution, data exfiltration, or privilege escalation risk.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrases are broad enough to activate on common requests like 'be brief' or general token-efficiency prompts, which can cause the skill to override the expected assistant style without clear, explicit opt-in. This is primarily a policy and UX integrity issue: unintended activation can degrade response quality, omit helpful nuance, or apply the mode in contexts where precision and tone matter.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding
The skill automatically enforces a communication style when it infers token-efficiency intent, even if the user did not specifically request this persona. In a general assistant context, automatic style switching can alter safety-sensitive phrasing, reduce clarity, and create mismatches between user expectations and system behavior, especially in domains where careful wording is important.

VirusTotal

67/67 vendors flagged this skill as clean.
