Token Saver

Security checks across malware telemetry and agentic risk

Overview

This is a coherent token-optimization guide, but it can directly change prompts, cron jobs, model routing, tool profiles, and persistent reports without a consistent approval gate.

Use this skill as an analysis checklist, but require explicit approval before it edits prompts, cron jobs, model routing, tool profiles, configs, bootstrap files, or creates monitoring jobs. Ask the agent to show diffs, backups, rollback steps, and validation results, and review generated reports for private workflow details before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The test prompts define broad natural-language triggers such as '省点 token', 'token 优化', and 'token audit' without boundaries on context, exclusions, or confirmation steps. This can cause the skill to activate in unrelated conversations and override user intent, leading to unnecessary behavior changes, prompt steering, or disclosure of internal optimization guidance in contexts where it was not requested.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
The prompts and expected outputs assume Chinese-language interaction and Chinese responses without checking the user's language preference. While not a direct code-execution risk, this can degrade usability, mis-handle user intent, and create unsafe or misleading responses if language forcing causes the agent to ignore explicit user preferences or surrounding context.

VirusTotal

65/65 vendors flagged this skill as clean.
