reson8-phason

Security checks across malware telemetry and agentic risk

Overview

This skill is instruction-only and not malware, but it asks agents to change ledger state and replay cached resolution events without enough safeguards.

Install only if you use the Reson8/POP workflow and can keep it scoped to a controlled ledger. Require explicit approval before any ledger commit, lock release, bulk resolution, or cached-event replay, and avoid storing sensitive operational state in long-lived browser localStorage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 95% confidence
The trigger list contains very broad terms such as "resolve," "deadlock," and "split brain," which are likely to appear in unrelated contexts. Because this skill is designed to take state-changing actions like selecting a candidate state, committing to a ledger, releasing locks, and replaying buffered events, accidental invocation could cause unintended system mutations or conflict resolution without appropriate operator intent.

Missing User Warnings

Medium, 91% confidence
The skill describes mutating operational state and caching event data in localStorage for offline replay, but does not present a clear warning, consent boundary, or security control around those actions. In context, localStorage is especially risky because it is persistent, accessible to client-side scripts, and unsuitable for sensitive operational data; replaying cached resolution events can also duplicate or reapply state transitions if integrity and idempotency controls are weak.

VirusTotal

66/66 vendors flagged this skill as clean.
