IPO Model

Security checks across malware telemetry and agentic risk

Overview

The skill does not show malicious behavior, but its very broad scope and under-specified examples could lead an agent to modify files or handle private data without enough safeguards.

Install only if you are comfortable with a broad process-control skill influencing many kinds of tasks. Before using it on real files or private datasets, require explicit previews, approved directories, backups, confirmation before changes, and clear consent before any API call or generated report leaves your local environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 92%
Finding: The skill explicitly claims it is suitable for 'all types of tasks,' which creates an overly broad activation and use scope. In an agent setting, this can cause the skill to be invoked in sensitive or high-risk contexts without domain-specific guardrails, increasing the chance of unsafe tool use or inappropriate task handling.

Vague Triggers

Medium
Confidence: 88%
Finding: The display protocol uses common conversational phrases such as '怎么做到的' ("how was this done") and '展开分析' ("expand the analysis") as triggers, which may be activated unintentionally during normal user interaction. This can unexpectedly alter behavior, reveal internal planning structure, or change how the agent presents and executes task decomposition.

Missing User Warnings

Medium
Confidence: 90%
Finding: The file-renaming example encourages generating and executing a script that changes filesystem state, but it does not mention safeguards such as dry-run mode, path restriction, collision detection, rollback, or user confirmation. In practice, this omission can lead to destructive or irreversible file operations if the pattern is copied into real tasks.

Missing User Warnings

Medium
Confidence: 86%
Finding: The data-analysis and report-generation examples describe reading files, calling APIs, generating charts, and producing report artifacts without any privacy, consent, retention, or sensitive-data handling guidance. Because the skill presents itself as a universal methodology, users may apply these patterns to confidential datasets and external systems without adequate controls.

VirusTotal

66/66 vendors flagged this skill as clean.