ClawHub

diffraction-scatter-background-substract

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed scientific data-processing toolkit that reads user-selected diffraction files and writes processed outputs, with no evidence of hidden network, credential, destructive, or persistent behavior.

Appropriate for users processing SAXS/WAXS/XRD or ionchamber data. Before running commands, check the input directories and output paths, since batch modes can read many matching files and write processed results; also be aware the broad trigger wording may activate this skill for some unrelated uses of words like transmission.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes the standalone term "transmission," which is overly broad and can match many unrelated user requests outside X-ray diffraction or background-correction workflows. In an agent-routing context, this can cause incorrect skill activation, pulling the agent into processing unrelated data or instructions and increasing the attack surface for prompt/skill misuse.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes broad terms like 'transmission', 'XY data', 'curve smoothing', and generic scattering/diffraction language, which can cause the skill to activate in unrelated contexts. Over-broad activation is dangerous because it may route user tasks to a file-processing toolkit unexpectedly, increasing the chance of unnecessary file access, misleading workflow selection, or unintended execution of data-transforming commands.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal