Long Project Manager

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple markdown-based project note system. It deliberately creates local files to track long-running work, and its instructions contain no hidden execution, network access, or credential handling.

Install this only if you want the agent to keep durable project notes on disk. Choose the project name/location deliberately, review what gets written to STATUS.md and HANDOFF.md, and avoid storing secrets or sensitive personal information unless you intend future sessions to read it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 86%
Finding
The skill description uses broad activation language such as "long-running work", "preserving context", "planning", "research", and "operations", which matches many ordinary user requests. That raises the chance of unintended invocation, and therefore of files being created or modified without the user clearly asking for persistent workspace behavior.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The skill directs the agent to create and continuously update files under a project directory, but it does not require an explicit warning or consent step before writing to the filesystem. In practice, sensitive notes, plans, links, or outputs can persist on disk unexpectedly when the user assumed chat-only assistance.
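The two controls this finding and the overview's advice on secrets call for, an explicit opt-in before anything is persisted and a scan that refuses to write credential-looking text into STATUS.md or HANDOFF.md, as an added example. This is not code from the Long Project Manager skill or from SkillSpector; the file names, the secret patterns and the sample note are assumptions constructed for the example.

```python
"""Pre-write guard for agent-maintained project notes (STATUS.md / HANDOFF.md).

Added example, not part of the skill being reviewed. The agent calls
guard_note_write() before persisting a note; the guard refuses when the
user has not opted in, when the target is not an expected note file, or
when the content contains something that looks like a credential.
"""
import re
from dataclasses import dataclass, field

# Constructed, deliberately narrow patterns for common secret shapes (assumptions).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9\-._~+/]{20,}=*", re.I),
    "generic_assignment": re.compile(
        r"(?i)\b(api[_-]?key|secret|password|token)\b\s*[:=]\s*['\"]?[^\s'\"]{8,}"
    ),
}

# The note files the skill is expected to maintain (assumed from the page).
ALLOWED_NOTE_FILES = {"STATUS.md", "HANDOFF.md"}

# Constructed sample note: two of its four lines carry secret-shaped values.
SAMPLE_NOTE = """# Status
- Deploy target: staging
- AWS key for the deploy role: AKIAIOSFODNN7EXAMPLE
- api_key = sk_live_0123456789abcdef
"""


@dataclass
class GuardResult:
    allowed: bool
    reasons: list = field(default_factory=list)
    redacted: str = ""


def scan_for_secrets(text):
    """Return (pattern_name, line_number) for every line matching a secret pattern."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in SECRET_PATTERNS.items():
            if pattern.search(line):
                hits.append((kind, lineno))
    return hits


def redact(text):
    """Replace matched secret material with a placeholder, line by line."""
    out = []
    for line in text.splitlines():
        for pattern in SECRET_PATTERNS.values():
            line = pattern.sub("[REDACTED]", line)
        out.append(line)
    return "\n".join(out)


def guard_note_write(filename, content, user_consented):
    """Decide whether the agent may persist `content` to `filename`.

    Every reason for refusal is collected so the user sees the full picture;
    a redacted copy is offered only when secrets were the reason.
    """
    reasons = []
    if not user_consented:
        reasons.append("user has not opted in to on-disk project notes")
    if filename not in ALLOWED_NOTE_FILES:
        reasons.append(f"{filename} is not an expected note file")
    hits = scan_for_secrets(content)
    for kind, lineno in hits:
        reasons.append(f"possible {kind} on line {lineno}")
    redacted = redact(content) if hits else content
    return GuardResult(allowed=not reasons, reasons=reasons, redacted=redacted)


if __name__ == "__main__":
    result = guard_note_write("STATUS.md", SAMPLE_NOTE, user_consented=True)
    print("allowed:", result.allowed)
    for reason in result.reasons:
        print(" -", reason)
    print(result.redacted)
```

The guard collects every reason rather than stopping at the first, so a single refusal tells the user both that consent is missing and which lines would have leaked. The patterns are intentionally narrow; a production guard would add the organization's own token formats and treat a miss as "not proven clean" rather than as a pass.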

Natural-Language Policy Violations

Severity: Medium
Confidence: 93%
Finding
The template hard-codes Chinese section headings, which can steer the agent to produce output in Chinese regardless of the user's requested language or locale. In a long-lived project workspace, that mismatch degrades usability, creates confusion across sessions, and can lead to incorrect handoffs or missed instructions when collaborators expect another language.

VirusTotal

66/66 vendors reported this skill as clean (0 detections).

View on VirusTotal