skill invocation

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only skill router with a disclosed but permissive fallback rule that could cause wrong skill selection if used without safeguards.

Install only if you want an agent to use a permissive routing helper. For high-impact skills that edit files, publish content, deploy code, or affect accounts, pair this with an orchestrator rule requiring clarification or confirmation before invoking the selected skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Severity: Medium
Confidence: 95%
Finding:
The fallback rule 'if in doubt, use it' creates an overly permissive activation condition that biases the system toward invoking a skill even when matching confidence is low or ambiguous. In a skill invocation framework, this increases the chance of unintended or unsafe skill execution, especially if downstream skills can perform sensitive actions or contain adversarial prompt content.

Vague Triggers

Severity: High
Confidence: 96%
Finding:
The instruction "If in doubt, use it" creates a fail-open selection policy that biases the agent toward invoking a skill even when intent matching is uncertain. In an orchestration context, this can trigger unintended tools, broaden capability exposure, and cause downstream actions on ambiguous user input.

Vague Triggers

Severity: High
Confidence: 95%
Finding:
The invocation flow repeats an ambiguous fallback that lacks any hard constraint, confidence floor, or validation step before selecting a skill. This makes mis-invocation systemic rather than incidental, increasing the chance that unrelated or sensitive skills are called from vague requests.

Vague Triggers

Severity: Medium
Confidence: 87%
Finding:
The matching rule counts a trigger as a hit if the phrase merely "appears" in the user message, using case-insensitive text matching without normalization, boundary checks, or contextual disambiguation. Common words or overlapping phrases can therefore collide with normal language and spuriously select a skill.

Vague Triggers

Severity: High
Confidence: 95%
Finding:
The uncertainty-handling section again instructs fallback to invocation even when evidence is insufficient or there is an obvious mismatch. This eliminates a safe no-match outcome and encourages the system to act despite unresolved ambiguity, which is dangerous in any tool-selection framework.

Vague Triggers

Severity: High
Confidence: 97%
Finding:
The judgment checklist is explicitly biased toward invocation under uncertainty and provides no negative examples, exclusion criteria, or safety brakes. In practice, this trains the agent to over-select skills, increasing the likelihood of unauthorized actions, accidental tool chaining, or misuse of higher-risk capabilities.

VirusTotal

63/63 vendors flagged this skill as clean.