Domain Prompt Generator

Security checks across malware telemetry and agentic risk

Overview

This is a text-only prompt-template skill with no executable code, persistence, credential use, or hidden data access, though its broad templates need care in medical and financial topics.

Install only if you want a broad prompt-template generator. For medical, mental-health, financial, legal, cybersecurity, political, or other high-stakes uses, treat its generated prompts as drafting aids only and add your own safety boundaries, professional disclaimers, and explicit user confirmation before relying on outputs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill advertises very broad trigger phrases such as '提示词生成', '领域模板', and '目标输出', which are generic enough to overlap with normal user conversation. This can cause the skill to activate unexpectedly in unrelated contexts, leading to prompt injection into workflows, unintended routing, or unauthorized use of the skill's instruction set when a user did not explicitly request it.

Vague Triggers

Medium
Confidence: 94%
Finding
The core activation template uses very generic natural-language phrases such as '领域主题' plus broad decomposition/output instructions, which can be triggered by many ordinary user requests outside the intended scope. In an agent skill, overly broad activation increases accidental invocation risk and can cause the skill to override or steer unrelated conversations unexpectedly.

Vague Triggers

Medium
Confidence: 95%
Finding
The exemplar library defines dozens of broad domain triggers as imperative activation instructions without exclusions, preconditions, or domain safety gating. This makes unintended activation across sensitive domains more likely and can route users into prescriptive workflows even when they only asked general questions.

Missing User Warnings

High
Confidence: 98%
Finding
The health and medical examples generate fitness, psychological, and disease-treatment plans without any warning that outputs may be unsafe, incomplete, or unsuitable for a specific person. In a prompt-generation skill, this is especially dangerous because it can mass-produce authoritative-seeming medical prompts that encourage diagnosis, medication, or intervention without professional oversight.

Missing User Warnings

Medium
Confidence: 95%
Finding
The investment-planning exemplar frames outputs as complete portfolios or strategies without warning about risk, uncertainty, suitability, or non-advisory status. Users may treat generated content as personalized financial advice, leading to harmful financial decisions based on generic or misleading prompts.

Vague Triggers

Medium
Confidence: 89%
Finding
The phrase "执行协议等待指令" frames the generated prompt as a generic standing protocol that can accept future instructions without clear scope boundaries. In a prompt-generator skill, this is risky because downstream users may reuse the template as a high-authority meta-prompt, enabling prompt injection, role confusion, or unintended task expansion beyond the original domain.

Vague Triggers

Medium
Confidence: 93%
Finding
Across the repeated templates, the skill shows a reusable pattern for constructing prompts but does not define explicit trigger boundaries, rejection criteria, or negative examples. Because this skill is a meta-template engine, that omission is more dangerous than in a narrow content skill: users can generate broadly applicable prompts that appear authoritative and may be repurposed to bypass safety expectations or accept adversarial instructions.

VirusTotal

63/63 vendors flagged this skill as clean.
