ClawHub

Adaptive Eta

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed ETA/progress-update helper that runs a small local timer script, with no evidence of hidden network access, credential use, or destructive behavior.

Install this only if you want frequent ETA/progress-update behavior and are comfortable with the assistant running a local Python timer helper during longer tasks. Do not rely on the claimed cron-based reminders; the artifacts only show manual start/check/stop commands and a temporary local state file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tp4

High
Category
MCP Tool Poisoning
Confidence
93% confidence
Finding
The skill promises proactive progress updates, cron-based reminders, and mandatory activation, but the described implementation only performs manual CLI checks and local state persistence. This mismatch is dangerous because operators or users may rely on assurances that do not actually exist, causing silent long-running behavior, hidden local persistence, and overtrust in an unenforced workflow.

Vague Triggers

Medium
Confidence
82% confidence
Finding
A mandatory trigger for any task estimated over 15 seconds is overly broad and can coerce frequent execution of auxiliary commands around unrelated work. In this skill, that increases the chance of unnecessary script invocation and local state changes across many workflows, expanding attack surface and creating opportunities for misuse if the timer script is modified or unsafe.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Repeating the same mandatory activation rule without constraints reinforces a blanket requirement to run the timer workflow for broadly defined tasks. In context, this makes the skill more dangerous because it normalizes unconditional command execution and leaves no safety carve-outs for high-trust, restricted, or incompatible environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal