ClawHub

Threat Briefing

Security checks across malware telemetry and agentic risk

Overview

This is a simple instruction-only skill for creating cybersecurity threat briefings from public sources, with no evidence of hidden access or unsafe behavior.

This appears safe to install for users who want structured cybersecurity briefings. Be aware that broad trigger phrases may activate it on general security-news prompts, and verify cited threat-intelligence sources before taking operational action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrase "cyber news" is broad enough to match many ordinary user requests about general cybersecurity developments, which can cause unintended skill activation. In an agent environment, this can override more appropriate routing and lead to unexpected behavior or disclosure of formatted briefing content when the user did not explicitly request this skill.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The phrase "security briefing" is ambiguous because it can refer to physical security, executive updates, compliance summaries, or cybersecurity reporting. This ambiguity increases the chance of accidental activation and misrouting, especially in systems where trigger matching is lightweight or keyword-based.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger "daily threats" lacks enough context to indicate cybersecurity, threat intelligence, or briefing generation, so it may match unrelated user requests. Overly generic triggers increase unintended invocation risk and reduce confidence that the skill is being used with informed user intent.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger "weekly intel" is vague and could refer to business intelligence, competitive intelligence, military intelligence, or other summaries unrelated to cybersecurity. In context, the skill is benign, but the trigger design makes unintended activation more likely and can interfere with correct skill selection.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal