Back to skill

Security audit

Generate Travel Hospitality Ad Creative Brief

Security checks across malware telemetry and agentic risk

Overview

This is a simple marketing-planning skill that drafts travel and hospitality ad creative briefs, with no executable code or hidden data access found.

Before installing, verify the manual-install repository if you do not use ClawHub, and avoid sharing proprietary campaign details with any external chat or image-generation provider unless that is acceptable for your team.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The suggested prompt '[Generate Travel Hospitality Ad Creative Brief] for my team' is generic enough to overlap with ordinary user requests about travel marketing, which can cause unintended skill invocation. In agent systems that auto-route based on phrase matching, this increases the chance of the skill being triggered without clear user intent, potentially causing incorrect tool use or workflow execution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.