technical-spec-design

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed technical-specification helper with optional local template scripts and no evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Install from the reviewed ClawdHub package when possible. If using the manual GitHub clone, verify the repository first. Run the optional Python helpers only when you intend to generate or validate files, choose input and output paths carefully, and review generated Markdown before relying on it as a complete technical specification.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 72%
Finding: The skill references local resources and scripts that imply file read/write capability, but the manifest does not declare any permissions or capability boundaries. This creates a trust gap: a host or reviewer may assume the skill is documentation-only when it can access or generate files, increasing the chance of unintended file operations or unsafe execution paths.

Tp4 (High)

Category: MCP Tool Poisoning
Confidence: 90%
Finding: The skill advertises autonomous technical-spec generation and design analysis, but the described/observed behavior includes validation tooling and template substitution that do not match those claims. Description-behavior mismatch is dangerous because users may grant trust, auto-triggering, or broader workflow authority based on false expectations, leading to unsafe automation decisions or inappropriate invocation in sensitive contexts.

Vague Triggers (Medium)

Confidence: 84%
Finding: The auto-trigger conditions are broad enough to activate on many ordinary requests about implementation or design. Over-broad triggering can hijack normal conversations, inject rigid process instructions unexpectedly, and cause the system to apply this skill in contexts where it is not appropriate, which is a prompt-scope/control weakness even without code execution.

VirusTotal

VirusTotal findings are pending for this skill version.
