OPC Framework

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only startup operations framework, but it should be reviewed because it encourages production, account, public-posting, and automation actions without clear approval boundaries.

Install only if you want a broad business/build/ops prompt framework. Treat deployment, public posting, customer support, billing, subscription, and cloud actions as planning advice unless you add explicit human approval, least-privilege accounts, staging checks, data redaction, and easy disable/rollback controls for every automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill provides operational instructions for production deployment actions including database backups, migrations, service replacement, and configuration changes, but it does not include explicit safety guardrails, approval requirements, or warnings about production risk. In an agent skill context, these steps could be executed or recommended with insufficient human confirmation, increasing the chance of accidental outage, bad migration, or production data impact.

Natural-Language Policy Violations

Severity: Medium
Confidence: 95%
Finding
The skill hard-requires Chinese output via the output format instruction without offering a language choice or documenting that the skill is specifically intended only for Chinese-speaking users. This can cause unexpected behavior in multilingual agent workflows, reduce usability, and create prompt-routing or policy-compliance issues when downstream components expect the user's language or a configurable locale.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding
The skill description is very broad ('保障系统稳定运行并推动持续优化,监控关键指标与处理故障', roughly: 'ensure the system runs stably and drive continuous optimization; monitor key metrics and handle faults') and does not define narrow activation boundaries, so an orchestrator or user could invoke it for loosely related operational tasks beyond its intended scope. In an agent system, ambiguous triggering can expand access to sensitive monitoring, incident handling, or automation workflows, increasing the chance of unsafe or unintended actions.

Natural-Language Policy Violations

Severity: Medium
Confidence: 97%
Finding
The skill content is entirely in Chinese and instructs output in Chinese without any mechanism to detect or honor the user's preferred language. This can cause incorrect or inaccessible interactions for users expecting another language, reducing reliability and potentially causing downstream misunderstandings in tool selection and execution.

VirusTotal

54/54 vendors flagged this skill as clean.