First Principles Thinking

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only thinking framework that changes the agent’s style but does not request tools, credentials, data access, or hidden execution.

Install this if you want an always-on reasoning style that asks for clarification, challenges suboptimal plans, and keeps responses concise. Prefer the ClawHub install path; if cloning from GitHub, review the repository contents first.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High (97% confidence)

Finding: The skill is configured with `alwaysLoad: true` and explicitly states it is 'always active,' which makes it apply across unrelated tasks without clear user intent or narrow scoping. This can override normal agent behavior, inject persistent instruction bias, and cause the agent to question or redirect benign requests in contexts where the skill is irrelevant, increasing the chance of unsafe or policy-conflicting behavior.

Natural-Language Policy Violations

Medium (84% confidence)

Finding: The skill metadata and content are written to enforce Chinese-language behavior and interaction style without any user opt-in, locale detection, or justification. This can cause unwanted language switching, degrade user comprehension, and create instruction-precedence conflicts when the user expects another language or when downstream workflows depend on stable locale behavior.

VirusTotal

64/64 vendors flagged this skill as clean.