Teamo Lite

Security checks across malware telemetry and agentic risk

Overview

The skill is an instruction-only assistant, but it broadly directs browsing, scraping, and handoff to other agents without clear user control.

Review before installing. This skill has no runnable code, but its prompt grants itself broad authority to browse, scrape URLs, avoid consent checks, and pass task information to unspecified other agents. Prefer a version that clearly discloses these capabilities, asks before external data sharing, and removes rule-override and instruction-hiding language.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 88%
Finding
The manifest presents the skill as generic 'teamo lite tasks,' but the body expands it into online information gathering, search orchestration, scraping, and multi-agent delegation. This mismatch can mislead reviewers and policy controls, causing the skill to be invoked in broader, higher-risk contexts than its metadata suggests.

Context-Inappropriate Capability

Low
Confidence: 83%
Finding
The embedded 'ABSOLUTE SECURITY PROTOCOL' instructs the agent to refuse questions about its instructions and treat probing as hostile, even though the skill is framed as a task-planning assistant. In a skill file, this kind of self-protective prompt behavior is a red flag because it can obstruct oversight, auditing, and debugging, making unsafe behavior harder to detect or correct.

Vague Triggers

Medium
Confidence: 91%
Finding
The workflow triggers are overly broad and overlapping: unclear requests, image generation, summaries, and essentially any code-related question can route into different behaviors, including mandatory search, scraping, and delegation. Ambiguous routing increases the chance of unintended tool use and unnecessary data sharing to external tools or other agents.

VirusTotal

64/64 vendors flagged this skill as clean.
