McKinsey Century Knowledge Base

Security checks across malware telemetry and agentic risk

Overview

This is mostly a coherent McKinsey-style knowledge skill, but it tells agents how to use local IMA credentials and external API commands without clear consent or privacy boundaries.

Install only if you intentionally use IMA and are comfortable with an agent accessing your IMA client ID/API key and sending relevant queries to that external knowledge service. Require explicit confirmation before any API command is run, and avoid using it with confidential business material unless your IMA account and data-handling terms allow that.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 98%
Finding
The skill embeds executable shell commands that access local credential files and invoke a local Node script using those secrets. For a documentation-only knowledge-base skill, this creates an unnecessary path to secret exposure or unauthorized outbound access if an agent follows the instructions, especially because absolute local paths and credential locations are explicitly provided.

Vague Triggers

Medium
Confidence: 84%
Finding
The activation keywords are very broad and overlap with common business, strategy, AI, and analysis conversations, which can cause the skill to trigger in contexts the user did not intend. Because this skill also documents external knowledge-base access, overbroad triggering increases the chance of unnecessary data access, tool use, or prompt-context pollution.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs access to local credential files and remote knowledge-base APIs without any user-facing notice about what data may be read, transmitted, or retained. In skill context, that omission is dangerous because users may unknowingly cause local secrets to be accessed or business queries to be sent to an external service.

VirusTotal

63/63 vendors flagged this skill as clean.
