Graph Of Thoughts

Security checks across malware telemetry and agentic risk

Overview

The scan found no evidence of malware or hidden harmful behavior. The skill appears to be a reasoning template with incomplete wrapper code and optional cache/memory examples; the findings below concern what those sections imply for an agent that runs it, not malicious code.

Install this only if you want a graph-based reasoning aid. Treat its execution and caching sections as conceptual examples: do not let generated solutions run automatically, and avoid using cache or memory examples with sensitive problems unless you have clear retention controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding
The skill is described as a reasoning framework, but the documented algorithm includes an 'execute_and_verify' phase. In an agent setting, this can cause a user to invoke what they believe is analysis-only behavior while the skill instead performs actions derived from model-generated output, creating a pathway for unintended side effects or unsafe tool use.

Description-Behavior Mismatch

Severity: Medium
Confidence: 94%
Finding
The 'execute_and_verify' routine not only executes the synthesized solution but also backtracks and retries when verification fails. That increases risk because model-produced plans may be repeatedly acted on without explicit authorization, amplifying unintended commands, resource use, or harmful state changes in integrated environments.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
Documenting an execution/verification phase without warning users changes the trust boundary of the skill. Users may provide sensitive prompts or operational tasks assuming the output is advisory, while the skill semantics imply it may carry out synthesized solutions, which is dangerous in agent/tool-connected contexts.
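The three findings above describe the same gap: a loop that runs model-synthesized solutions and retries on failure with no explicit authorization step. The following is an added example (not code from the Graph Of Thoughts skill or from SkillSpector) of how a wrapper can close that gap: each candidate, including every backtrack/retry, needs a fresh approval decision, the attempt budget is bounded, and every decision is recorded. The names (Candidate, ExecutionGate, AuditEvent) and the toy problem are hypothetical; `run` stands in for whatever the real agent would execute.

```python
"""Approval gate for an execute_and_verify loop (added example, hypothetical names)."""
from dataclasses import dataclass, field
from typing import Any, Callable, List, Optional, Tuple


@dataclass
class Candidate:
    """One synthesized solution. `run` stands in for what the agent would
    really execute (a tool call, a shell command, generated code)."""
    description: str
    run: Callable[[], Any]


@dataclass
class AuditEvent:
    attempt: int
    description: str
    approved: bool
    verified: Optional[bool]  # None when execution was refused


@dataclass
class ExecutionGate:
    """Wraps execute_and_verify so nothing runs without an explicit decision."""
    approve: Callable[[int, Candidate], bool]  # human or policy decision per attempt
    verify: Callable[[Any], bool]              # checks the produced result
    max_attempts: int = 3                      # bounds the backtrack/retry loop
    audit: List[AuditEvent] = field(default_factory=list)

    def execute_and_verify(
        self, generate: Callable[[int, Optional[Any]], Candidate]
    ) -> Optional[Any]:
        """generate(attempt, last_result) is the model's synthesis/backtrack step.
        Returns the first verified result, or None if execution was refused or
        the attempt budget ran out."""
        last_result: Optional[Any] = None
        for attempt in range(1, self.max_attempts + 1):
            cand = generate(attempt, last_result)
            # A retry is not silently covered by the previous approval.
            if not self.approve(attempt, cand):
                self.audit.append(AuditEvent(attempt, cand.description, False, None))
                return None
            last_result = cand.run()
            ok = self.verify(last_result)
            self.audit.append(AuditEvent(attempt, cand.description, True, ok))
            if ok:
                return last_result
        return None


# Constructed demo problem: find x with x*x == 49; the "model" proposes 5, 6, 7.
def make_generator(executed: List[str]) -> Callable[[int, Optional[Any]], Candidate]:
    def generate(attempt: int, last_result: Optional[Any]) -> Candidate:
        x = attempt + 4
        desc = f"try x={x}"

        def run(x: int = x, desc: str = desc) -> int:
            executed.append(desc)  # records that the candidate actually ran
            return x * x

        return Candidate(desc, run)
    return generate


def run_demo(policy: Callable[[int, Candidate], bool]) -> Tuple[Optional[Any], List[str], List[AuditEvent]]:
    executed: List[str] = []
    gate = ExecutionGate(approve=policy, verify=lambda r: r == 49, max_attempts=3)
    result = gate.execute_and_verify(make_generator(executed))
    return result, executed, gate.audit


def demo_approve_all():
    return run_demo(lambda attempt, cand: True)


def demo_deny_all():
    return run_demo(lambda attempt, cand: False)


def demo_first_only():
    # Approve the first attempt only: the failed verification must not
    # turn into an unattended retry.
    return run_demo(lambda attempt, cand: attempt == 1)


if __name__ == "__main__":
    for name, demo in [("approve all", demo_approve_all),
                       ("deny all", demo_deny_all),
                       ("first only", demo_first_only)]:
        result, executed, audit = demo()
        print(f"{name}: result={result} executed={executed} decisions={len(audit)}")
```

With every attempt approved the loop runs three candidates and returns 49; with approval denied nothing is executed at all; with only the first attempt approved, the candidate runs once, fails verification, and the backtrack is refused instead of retried. The audit list is what an operator would inspect after the fact to see which synthesized actions actually ran.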

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The caching design stores similar problems, evaluations, and final results based on user-provided content and derived concepts, but the document gives no retention, privacy, or sensitivity guidance. In multi-user or persistent environments, this can expose confidential prompts, derived reasoning artifacts, or cross-session data through cache reuse or inspection.
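The retention controls this finding says are missing can be made concrete. The following is an added example (not code from the Graph Of Thoughts skill or from SkillSpector) of a result cache that partitions entries by scope (a session or tenant id), keys them by a hash of the normalized problem text rather than the raw prompt, expires them after a TTL, can be purged when a session ends, and refuses to store anything the caller flags as sensitive. The names (ScopedResultCache, Entry, FakeClock) and the two-session scenario are hypothetical. Lookup here is exact-match after normalization; a cache that retrieves "similar problems" by embedding would need the same scoping applied to its similarity index.

```python
"""Retention-controlled cache for derived reasoning artifacts (added example)."""
import hashlib
import time
from dataclasses import dataclass
from typing import Any, Callable, Dict, Optional, Tuple


@dataclass
class Entry:
    value: Any
    expires_at: float


class ScopedResultCache:
    def __init__(self, ttl_seconds: float, clock: Callable[[], float] = time.monotonic):
        self.ttl = ttl_seconds
        self.clock = clock  # injectable so expiry can be exercised in a test
        self._store: Dict[Tuple[str, str], Entry] = {}

    @staticmethod
    def _key(scope: str, problem: str) -> Tuple[str, str]:
        # Whitespace/case normalization gives near-duplicate prompts one key;
        # hashing keeps the prompt text itself out of the key space.
        normalized = " ".join(problem.split()).lower()
        digest = hashlib.sha256(normalized.encode("utf-8")).hexdigest()
        return scope, digest

    def put(self, scope: str, problem: str, value: Any, sensitive: bool = False) -> bool:
        """Store a derived artifact. Returns False and stores nothing when the
        caller marks the problem as sensitive."""
        if sensitive:
            return False
        self._store[self._key(scope, problem)] = Entry(value, self.clock() + self.ttl)
        return True

    def get(self, scope: str, problem: str) -> Optional[Any]:
        """A lookup from another scope never sees this scope's entries."""
        key = self._key(scope, problem)
        entry = self._store.get(key)
        if entry is None:
            return None
        if self.clock() >= entry.expires_at:
            del self._store[key]  # lazy expiry on read
            return None
        return entry.value

    def purge_scope(self, scope: str) -> int:
        """Drop every entry belonging to one scope, e.g. at session end."""
        doomed = [k for k in self._store if k[0] == scope]
        for k in doomed:
            del self._store[k]
        return len(doomed)

    def __len__(self) -> int:
        return len(self._store)


class FakeClock:
    """Deterministic clock for the demo; real code uses time.monotonic."""
    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def demo() -> dict:
    """Constructed scenario: two sessions sharing one cache process."""
    clock = FakeClock()
    cache = ScopedResultCache(ttl_seconds=60, clock=clock)
    out = {}
    cache.put("session-A", "Plan the migration of   db01", {"steps": 3})
    out["same_scope_hit"] = cache.get("session-A", "plan the migration of db01")
    out["cross_scope_miss"] = cache.get("session-B", "Plan the migration of db01")
    out["sensitive_stored"] = cache.put(
        "session-A", "rotate the production signing key", {"steps": 1}, sensitive=True)
    clock.advance(61)
    out["expired"] = cache.get("session-A", "Plan the migration of db01")
    cache.put("session-A", "p1", 1)
    cache.put("session-A", "p2", 2)
    cache.put("session-B", "p3", 3)
    out["purged"] = cache.purge_scope("session-A")
    out["remaining"] = len(cache)
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

The scope tag is the important control for the multi-user case the finding describes: it is part of the key, so a hit requires both the same problem and the same session or tenant. The TTL and purge bound how long derived artifacts persist, and the `sensitive` flag gives the caller a way to keep specific problems out of the cache entirely.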

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal