Ghsa Skill Builder

Security checks across malware telemetry and agentic risk

Overview

The skill has a legitimate security-research purpose, but it can be triggered too broadly and tells agents to run local scripts and persist generated skills, so it should be reviewed before use.

Install only if you intend to generate or update local vulnerability or pentest skills. Use it in a trusted workspace, inspect or provide the referenced scripts yourself before running commands, confirm which GitHub credentials will be used, and manually review generated skills before enabling or publishing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger description includes broad phrases such as 'security advisory', 'bug bounty', and 'check for updates', which can cause the skill to activate in conversations that are only loosely related to skill generation. Unintended invocation is risky here because the skill drives external data collection and file-generation workflows, increasing the chance of surprising actions or scope creep.

Vague Triggers

Medium
Confidence: 89%
Finding
The usage examples include ambiguous requests like '帮我更新一下漏洞 skills' ("help me update the vulnerability skills") and '看看有没有新漏洞' ("check whether there are any new vulnerabilities"), which lack clear constraints on source, scope, or target repository. Because this skill is capable of fetching data and generating/updating skill content, vague invocation examples make accidental or overly broad execution more likely.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger guidance is broad and underspecified, which can cause the wrong skill to load for loosely related terms such as GHSA, CVE, or security advisory. In a security-analysis workflow, ambiguous activation criteria can misroute tasks, dilute more specific checks, or let an attacker influence tool selection through prompt wording, reducing the reliability of downstream vulnerability analysis.

VirusTotal

65/65 vendors flagged this skill as clean.
