Human Distill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed research workflow for collecting public creator content into local notes, with privacy and session-reuse caveats users should understand before running it.

Install only if you want an agent to research public creators and save the resulting notes locally. Before running, confirm the target, topic, depth mode, browser profile, and output paths, and avoid using it on private, paid, or sensitive personal content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger phrases are broad enough to activate the skill for generic requests like '人物画像' or '蒸馏', which can cause the agent to initiate web scraping and profile-building when the user did not clearly intend this specific high-data-collection workflow. In this skill, accidental invocation is more dangerous because it combines broad search, browser-based scraping, and local persistence of collected data.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs use of persistent browser profiles and reused login sessions, but does not clearly warn the user that authenticated state may be reused across runs and identities. This increases the risk of unintended access to logged-in content, account actions under the user's session, or privacy leakage from cross-task session reuse.

Missing User Warnings

Medium
Confidence: 95%
Finding
The workflow explicitly writes scraped profile, search, and video data into local memory/ and people/ files, but does not clearly warn the user that potentially sensitive personal data and content snapshots will be stored persistently. This is risky because the skill builds dossiers on individuals and may retain more data than the user expects, increasing privacy, retention, and secondary-use exposure.

VirusTotal

64/64 vendors flagged this skill as clean.
