can-ai-replace-me

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed SOP/workflow interview tool, but its generated files can contain sensitive business-process details.

Use this only for workflows you are comfortable documenting. Do not provide passwords, tokens, customer names, confidential procedures, or internal weaknesses. Review generated files before sharing, syncing, or copying them into OpenClaw, and back up existing config files before any overwrite.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
84% confidence
Finding
The trigger phrases are broad and include common conversational intents such as '了解我的工作方式' ("understand how I work") and 'AI能取代我吗' ("Can AI replace me?"), which can cause the skill to activate unexpectedly. In this skill's context, unintended activation is more dangerous because it immediately steers the user into disclosing detailed work routines, stakeholders, tools, and pain points that may be sensitive operational information.

Missing User Warnings

Medium
93% confidence
Finding
The skill instructs the agent to generate multiple reports and configuration files containing sensitive workflow knowledge, but provides no warning, consent flow, retention guidance, or storage safeguards. Because the content includes daily tasks, stakeholders, tools, schedules, and organizational processes, these artifacts could become a durable map of internal operations useful for social engineering, phishing, or business-process abuse if exposed.

Ssd 3

Medium
95% confidence
Finding
The skill is designed to collect extensive operational detail and package it into persistent profile/config files such as SOUL.md, USER.md, AGENTS.md, TOOLS.md, HEARTBEAT.md, and IDENTITY.md without clear minimization boundaries. In context, this is especially risky because it transforms scattered user disclosures into structured, reusable operational intelligence that may reveal routines, tools, responsibilities, approval chains, and timing information valuable to an attacker.

VirusTotal

64/64 vendors flagged this skill as clean.