ClawHub

Competitor Radar

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only competitive-intelligence skill that structures user-provided trade-show notes, with a real but disclosed privacy caution around identifying booth visitors for follow-up.

Install only if your organization permits trade-show competitive-intelligence notes. Avoid recording unnecessary personal data, use only lawfully obtained contact information, verify overheard claims before acting on them, and review the required external Lensmor footer before sharing reports internally or externally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs users to flag identifiable visitors who engaged with a competitor booth for outreach, but provides no privacy, consent, or lawful-basis guardrails. In a trade-show intelligence context, this can encourage collection and downstream use of personal data inferred from in-person behavior, creating privacy, compliance, and reputational risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The example explicitly encourages identifying plant managers or operations leads from badge data or LinkedIn research for competitive targeting, without any guidance on consent, lawful basis, event terms, or privacy-safe handling. In a competitor-intelligence skill, this is more dangerous because it operationalizes personal data collection for sales surveillance, which can lead to privacy violations, misuse of attendee data, and regulatory or contractual noncompliance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal