brainstorming

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only brainstorming skill that guides design planning and documentation, with disclosed but somewhat broad instructions to save and commit a design document.

Install this if you want structured design discussions before implementation. Be aware it may activate broadly for creative or behavior-changing work, and ask your agent to confirm before writing docs or making git commits if you want tighter control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium (95% confidence)
Finding:
The skill is presented as a pre-implementation brainstorming aid, but its instructions extend into side-effectful actions like writing files and committing to git. That scope expansion creates an integrity risk because invoking a supposedly low-risk planning skill can unexpectedly modify the repository and persist changes without a separate, explicitly authorized implementation step.

Context-Inappropriate Capability

Medium (93% confidence)
Finding:
Committing to git is not necessary for brainstorming and gives the skill persistence capabilities beyond its stated purpose. If automatically followed, this could create unauthorized commits, pollute history, or smuggle changes into a trusted workflow under the guise of harmless design assistance.

Vague Triggers

Medium (91% confidence)
Finding:
The instruction that the skill 'MUST' be used before nearly any creative work is overly broad and can force unnecessary invocation across many unrelated tasks. In context, that increases exposure to the skill's side-effectful behaviors, making its file-writing and git-related instructions more dangerous because the skill becomes a near-universal gate in the workflow.

VirusTotal

66/66 vendors flagged this skill as clean.
