General Learning Tutoring Mode

Security checks across malware telemetry and agentic risk

Overview

This is a learning assistant skill that may create study notes and exercise files, but that behavior is disclosed and fits its tutoring purpose.

Install this in a dedicated learning workspace, not a sensitive project, unless you are comfortable with the agent reading your exercise code and creating or updating study files. Review generated files before committing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill description explicitly promises automatic generation of code, documentation, and progress updates, which implies workspace writes without informing the user up front. In an agent context, silent file creation or modification can surprise users, overwrite existing work, or cause unintended persistence of model-generated content.

Missing User Warnings

Medium
Confidence: 97%
Finding
The algorithm mode instructs the agent to update progress.md and generate solution/document files as part of the workflow, but it does not require explicit consent at the time of writing. This is dangerous because the agent may persist content into the repository automatically, potentially overwriting files, polluting commits, or modifying training artifacts the user did not intend to save.

Missing User Warnings

Medium
Confidence: 97%
Finding
The Python mode similarly directs the skill to generate exercise files, notes, and progress documents without an explicit warning or confirmation step. In practice, this can lead to unexpected workspace changes and persistence of generated code or notes, which is especially risky in shared or version-controlled directories.

VirusTotal

66/66 vendors flagged this skill as clean.
