Task Orchestra

Security checks across malware telemetry and agentic risk

Overview

This skill is not overtly malicious, but it requests broad multi-agent control, along with an unexplained API key and install path, without adequate user-control boundaries.

Install only if you intend to let the agent coordinate multiple subagents. Require explicit approval before spawning, steering, killing, publishing, deploying, or writing shared workflow files, and avoid placing secrets or private data in shared state. Ask the publisher why BRAVE_API_KEY and the npm async install are needed before granting those requirements.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 84%
Finding
The quick actions and examples are broad enough to match many ordinary user requests, which increases the chance the skill will activate in situations the user did not explicitly intend. In an orchestration skill, accidental invocation is more dangerous than usual because it can initiate multi-step workflows and delegate actions to subagents, amplifying downstream side effects.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill explicitly describes capabilities to spawn, steer, and kill agents, coordinate through shared files, and run publication or deployment workflows, but it does not pair those actions with user-visible safeguards or warnings. In this context, omission of guardrails is risky because an orchestration layer can indirectly modify data, terminate running work, or trigger externally impactful operations at scale.

VirusTotal

66/66 vendors flagged this skill as clean.
