ClawHub

Generate Cosmetic Dermatology Clinic Client Education Handout

Security checks across malware telemetry and agentic risk

Overview

This is a simple instruction-only skill for drafting cosmetic dermatology education handouts, with no hidden install behavior, persistence, credential use, or destructive actions.

Reasonable to install for drafting cosmetic dermatology clinic education materials. Users should treat the output as a draft, avoid entering patient-identifiable information, have a licensed clinician review medical claims before patient-facing use, verify rights for any generated visuals, and disable Bash/Read access if local files or shell commands are not needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The description is broad enough that an agent could invoke this skill for general client education tasks outside cosmetic dermatology, increasing the chance of inappropriate use in adjacent or regulated medical contexts. In a medical handout skill, overbroad routing can lead to unreviewed patient-facing content, incorrect medical framing, or use where stronger safeguards should apply.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The 'Use When' section is ambiguous and does not define boundaries, exclusions, or escalation rules, so an agent may select the skill in contexts that are only loosely related to dermatologist or clinic growth work. Because the output is patient-facing educational material in a healthcare domain, ambiguous activation increases the risk of misleading content, regulatory issues, and misuse beyond intended scope.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal