This skill provides a complete multi-agent collaboration system for product-driven development loops

Security checks across malware telemetry and agentic risk

Overview

This is a powerful but coherent multi-agent development workflow that openly uses files, web research, shell commands, and persistent project memory for its stated purpose.

Install only in repositories where you are comfortable with agents writing durable project notes and development artifacts, running build/test/git commands, and preparing commits or pushes. Review SOUL.override.md, USER.md, MEMORY.md, memory files, and planned git actions before use, and keep secrets out of persistent memory and project reports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Vague Triggers (Medium, 95% confidence)

Finding:
The skill’s activation criteria are broad enough that it could be invoked in many loosely related situations, increasing the chance of unnecessary loading of its instructions and workflow behaviors. In a multi-agent orchestration skill, overbroad triggering can cause inappropriate context injection, role confusion, or unintended execution paths across agents, even if the content is not overtly malicious.

Missing User Warnings (Medium, 93% confidence)

Finding:
The skill explicitly tells the agent to directly execute simple user requests and bug fixes on a feature branch, which can lead to repository-modifying actions without an explicit confirmation or warning boundary. In an agentic coding context with Write/Edit/Bash tools and git push instructions elsewhere in the file, this increases the risk of unauthorized code changes, accidental commits, or social-engineered destructive modifications.

Missing User Warnings (Medium, 95% confidence)

Finding:
The skill explicitly instructs the agent to write daily research files and update MEMORY.md and project intelligence files, but it does not warn the user that workspace state will be modified. In an agent setting, silent persistent writes can create unexpected side effects, pollute repositories, or overwrite user-managed notes, especially because these updates are framed as mandatory and recurring.

Missing User Warnings (Medium, 93% confidence)

Finding:
The project knowledge-base workflow requires creating folders and multiple records under `projects/<name>/` without any warning that new workspace files and directories will be created. This is risky because an agent may silently materialize a large persistent structure based on prompts or inter-agent messages, leading to unintended data creation, clutter, or modification of sensitive repositories.

Missing User Warnings (Medium, 93% confidence)

Finding:
The skill explicitly instructs the agent to write a daily hotspot report to `memory/YYYY-MM-DD-hotspot.md` and update `MEMORY.md`, but it does not clearly warn the user that running the workflow will modify repository files. In an agent setting, undisclosed automatic writes can surprise users, overwrite prior notes, or create persistent state that later agents rely on, which increases operational and integrity risk.

Missing User Warnings (Medium, 95% confidence)

Finding:
This section directs the agent to create a project knowledge base and continuously write discussions, competitor research, and decision records under `projects/<name>/` without an explicit disclosure that user files will be created and modified. Because these writes are broad, recurring, and based on agent-generated content, they can cause repository sprawl, accidental overwrites, or persistence of inaccurate data that other agents may trust.

Missing User Warnings (Medium, 94% confidence)

Finding:
The handoff workflow instructs the agent to generate a PRD file, notify other agents, and update shared memory state, but it does not plainly disclose that this will alter both files and cross-agent workflow state. In a multi-agent system, silent state changes are more dangerous because downstream agents may act on the new PRD or memory entries as if they were authoritative, amplifying mistakes or unwanted actions.

Missing User Warnings (Medium, 92% confidence)

Finding:
The workflow instructs the agent to persist research outputs and daily activity into `reports/` and `memory/` files without any user-facing notice or consent boundary. In a research workflow, prompts may contain confidential business plans, proprietary technical evaluations, internal URLs, or sensitive notes; silently writing them to durable storage can create unintended retention and later exposure to other agents or future sessions.

VirusTotal

59/59 vendors flagged this skill as clean.