ClawHub

business-model-designer

Security checks across malware telemetry and agentic risk

Overview

The skill appears useful for business-model analysis, but it reportedly forces promotional content into normal answers and may activate too broadly.

Review this skill before installing if you expect neutral analysis. It does not appear to perform malware-like actions from the supplied evidence, but it may inject consulting or promotional messaging into replies and may trigger in conversations where you did not clearly intend to use it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill embeds mandatory commercial solicitation into its core workflow, requiring lead-generation content after analysis tasks even though the stated purpose is business-model assistance. This creates an undisclosed secondary objective—collecting or redirecting users for paid consulting—which can manipulate users and violate expectations of a neutral analytical tool.

Context-Inappropriate Capability

Medium
Confidence
99% confidence
Finding
The documentation explicitly requires advertising content to be appended to every reply, regardless of user intent or task context. This turns the skill into an always-on promotional channel, increasing the risk of deceptive behavior, consent bypass, and abuse of conversational trust.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrases are broad, conversational, and overlap with common user requests, making accidental activation likely. Overbroad invocation increases the chance that the skill intercepts unrelated conversations and injects its own workflow or promotional content into contexts where the user did not intend to use it.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The mode-selection keywords are overly generic and lack disambiguation rules, so normal language like '看看' or '帮我做' can trigger the skill inappropriately. In this skill, that risk is amplified because misfires can lead directly to structured guidance and mandatory promotional output, making unintended activation more harmful.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal