Reproduce

Security checks across malware telemetry and agentic risk

Overview

This skill openly spawns child AI agents, but it needs review because those children can receive sensitive context and broad delegated tools without hard scoping controls.

Install only if you want agents to delegate work to additional model calls. Require your own approval before spawning on sensitive tasks, omit tools unless necessary, pass narrowly scoped tools when file or account access is needed, sanitize progress snapshots for secrets and personal data, and avoid fire-and-forget for work that affects important files, accounts, or costs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium, 95% confidence

Finding:
The spawner allows the caller to hand arbitrary tools to the child agent, including file read/write or other sensitive capabilities, while also injecting broad task context into the child prompt. In this skill context, that makes delegation materially more dangerous because a spawned sub-agent can be over-privileged relative to the intended sub-task and may misuse powerful tools to access or modify unintended resources, especially if prompt injection or task ambiguity influences the child.

Vague Triggers

Medium, 77% confidence

Finding:
The skill instructs agents to 'always use this skill' for broadly defined delegation scenarios, including subjective conditions like complexity or context pressure. In practice, this can lead to over-spawning, causing unnecessary transmission of task context to external model providers and expanding the attack surface by creating more agent instances with delegated tools and file access.

VirusTotal

66/66 vendors flagged this skill as clean.
