Automation Testing Protocol

Security checks across malware telemetry and agentic risk

Overview

This appears to be a QA/testing skill whose risky parts are broad guidance and a fixed timezone assumption, not hidden or malicious behavior.

Install this only where you want agents to apply QA/testing guidance, and review before allowing it to run tests, create helper files, or enforce timezone behavior. For multi-region or production-sensitive projects, override any fixed Africa/Cairo-style timezone rule with the project’s configured timezone.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding:
The README states that agents in the OpenClaw environment will 'automatically follow this skill' without defining scope, approval requirements, or trigger boundaries. Broad automatic activation can cause the skill to influence unrelated tasks or be applied in contexts where test execution, connector checks, or other QA actions are unsafe or unintended.

Vague Triggers

Medium
Confidence: 92%
Finding:
The skill declares itself the primary authority for testing any automation project in the environment, which is an overly broad activation scope. In an agent setting, this can cause the skill to trigger in unrelated contexts, override more appropriate task-specific guidance, and push actions like test discovery/execution or file creation without clear user intent.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding:
The skill makes timezone uniformity with the environment's local time (with 'Africa/Cairo' given as a concrete example) part of the definition of done. This can silently force locale-specific behavior into projects that may serve other regions, causing incorrect scheduling, timestamp handling, or compliance issues when used outside that environment.

VirusTotal

64/64 vendors flagged this skill as clean.
