ClawGuard-Shield

Security checks across malware telemetry and agentic risk

Overview

This appears to be a prompt-injection/text-risk checking skill with overly broad activation wording, but no evidence of harmful actions, persistence, data exfiltration, or privileged access.

Install if you want a helper for prompt-injection or risky-text review, but treat its trigger wording as broad. Use explicit requests such as "security check" or "prompt-injection analysis", and avoid letting it replace normal proofreading or general content review unless that is intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 92%
Finding
The trigger phrase “检查这段话有没有问题” (roughly, "check whether this passage has any problems") is overly broad and can match ordinary conversational requests, causing the skill to auto-activate outside clearly security-related contexts. In an agent environment, ambiguous auto-triggering can invoke the skill unexpectedly, altering routing or processing behavior and creating opportunities for prompt-surface expansion or denial of service through unnecessary interceptions.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding
The statement that the agent will automatically read SKILL.md and execute detection whenever the user says certain content is too absolute and omits matching constraints, precedence, and context requirements. This can lead to unintended activation and overbroad skill invocation, which is risky because skill-loading behavior itself expands the attack surface and may interfere with normal agent behavior.

Vague Triggers

Severity: Medium
Confidence: 82%
Finding
The activation guidance is broad enough to trigger on ordinary user-input handling, which can cause this security skill to run in many contexts without clear scope limits. Over-broad interception can produce false positives, block benign requests, or cause the skill to inspect inputs more widely than users or developers expect.

VirusTotal

66/66 vendors flagged this skill as clean.
