data-analysis-sql

Security checks across malware telemetry and agentic risk

Overview

This SQL and data-documentation skill is purpose-aligned and locally scoped, with only ordinary caution needed around broad triggers and file overwrites.

Install this if you want help with SQL, data-warehouse modeling, and local Markdown documentation. Review ambiguous activations before letting it act on generic document requests, and confirm output filenames before generating docs so existing files are not overwritten.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes broad natural-language phrases such as '整理文档', '生成md', and especially '沉淀一下', which can match ordinary user requests outside the intended SQL/data-engineering scope. In an agentic environment, this can cause unintended skill activation and context capture, leading the model to apply SQL/data-doc behaviors to unrelated tasks or route sensitive content into this skill unexpectedly.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger list is very broad, covering common requests like writing SQL, optimizing SQL, generating markdown, organizing documents, or maintaining a knowledge base. Over-broad invocation can cause the skill to activate in unrelated contexts and apply file-writing or transformation behaviors unexpectedly, increasing the chance of unsafe side effects or data exposure.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The invocation phrase includes ambiguous everyday wording such as '沉淀一下', which can appear in normal conversation without the user intending to run a document-generation workflow. In a skill that can generate or update files, this ambiguity raises the risk of accidental activation and unauthorized content creation or modification.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger phrases are overly broad and include common expressions such as '整理一下', '生成文档', and '写个文档', which can cause the skill to activate in contexts where the user did not intend to invoke this capability. In an agent setting, unintended activation can lead to confusing behavior, accidental processing of sensitive SQL/schema content, or cascading file/document generation actions without clear user intent.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The documentation includes an example that writes output directly to 'migration_doc.md' without warning about overwrite behavior or recommending safe file handling. In practice, users or downstream agents may copy this pattern and unintentionally overwrite existing local files, causing data loss or unauthorized modification of workspace artifacts.

VirusTotal

65/65 vendors flagged this skill as clean.
