ClawHub

Dong Mingzhu Perspective V2

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only business persona skill with no code execution or data access, but users should treat its persona voice and gendered leadership claims carefully.

Install only if you want a strongly styled Dong Mingzhu business-analysis persona. Treat outputs as simulated perspective, avoid relying on gender-based leadership generalizations for workplace decisions, and be aware that generic business phrases may activate the style unexpectedly.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The text makes broad gender-based claims such as women leaders being more attentive to rules and detail, which is a stereotype tied to a protected characteristic. In an organizational skill, this can normalize biased assumptions in leadership evaluation, hiring, or training content and may conflict with anti-discrimination or inclusion policies.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
This line continues gender stereotyping by asserting that female leaders are inherently more patient. Even if framed positively, essentializing leadership traits by gender can reinforce bias, create exclusionary expectations, and introduce policy or HR risk when reused in workplace-facing content.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger list includes broad business phrases such as '产品为王' and '技术自立' that can appear in ordinary discussion, causing the skill to activate unintentionally. This can override normal assistant behavior and steer responses into a persona-based framing when the user did not clearly request it, increasing prompt-routing ambiguity and reducing reliability.

Natural-Language Policy Violations

Low
Confidence
79% confidence
Finding
The skill mandates first-person responses in a specific persona and style without checking the user's preferred language or presentation format. While not directly enabling code execution or data exfiltration, this can degrade user control, misrepresent outputs as the persona's voice, and make the assistant less transparent and less aligned with user intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal