TESP

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only task-progress protocol; its main risks are overuse, hardcoded local task-board paths, and provider preferences that users should adapt.

Install this only if you want a structured progress-reporting workflow. Before using it, replace the hardcoded /Users/weweclaw task-board paths with your own approved workspace paths, avoid putting secrets or sensitive client details into queue/archive/handoff notes, and follow your organization’s approved model-provider policy instead of treating GLM or MiniMax as mandatory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Severity: Low
Confidence: 90%
Finding: The protocol hard-codes user-specific absolute filesystem paths for active and archived task boards, which can cause writes to sensitive local locations and leak host-specific information. In an agent context, this is more dangerous because downstream implementations may blindly create, read, or modify those files on the operator's machine, enabling unintended local file access and breaking environment isolation.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding: The trigger examples use common phrases like 'keep me posted' and 'set a working protocol' that can appear in ordinary requests outside the intended scope. This can cause the skill to activate too broadly, unexpectedly steering conversations into its protocol and overriding more appropriate task-specific behavior.

Vague Triggers

Severity: Medium
Confidence: 95%
Finding: The top-level activation guidance is broad and subjective, covering many multi-step or non-immediate tasks without clear boundaries. In practice, this creates prompt-routing ambiguity and can make the skill apply in situations where it is unnecessary, leading to instruction interference or excessive process overhead.

VirusTotal

66/66 vendors flagged this skill as clean.