Auto Expert Team

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill that critiques multi-role expert-team prompting, with some broad triggers and reusable templates but no hidden execution, credential access, persistence, or data-moving behavior.

Install only if you want a critique/reference document about expert-team prompting. Expect possible overactivation on generic teamwork requests, and treat the included templates as examples to avoid rather than as a recommended workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

High
Confidence: 98%
Finding
Although the document repeatedly labels itself as a 'negative example,' it still contains a complete, reusable operating procedure, templates, role schemas, and execution flow for assembling and running expert teams. In practice, an agent or user can ignore the disclaimers and directly apply the included instructions, creating instruction/description mismatch and enabling unintended behavior beyond the stated skill purpose.

Intent-Code Divergence

High
Confidence: 97%
Finding
The file uses repeated 'this is an error demonstration' framing while simultaneously presenting normative instructions, checklists, constraints, and templates that read like executable guidance. This contradiction is dangerous because safety reviewers, routing systems, or downstream agents may trust the disclaimer while the actual content still induces the prohibited multi-role orchestration behavior.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger phrases are broad terms like '团队完成任务' and '专家协作' that overlap with ordinary user requests, so the skill may activate in many benign contexts where the user is simply asking for collaborative-style help. Because this skill contains contradictory and operationally prescriptive content, broad activation increases the chance of unintended routing into an unsafe or low-quality behavior pattern.

VirusTotal

64/64 vendors flagged this skill as clean.
