DriveMind

Security checks across malware telemetry and agentic risk

Overview

DriveMind is a markdown-only workflow guidance skill that changes collaboration style, not system access, and its broad activation language is worth noticing but not enough to require Review.

Install this if you intentionally want the agent to be more persistent, structured, and review-oriented. Use explicit invocation or disable broad auto-activation if you prefer default behavior for ordinary tasks, and review the Chinese reference files or translate them if your operators need to audit the safety rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description includes broad natural-language triggers like 'keep pushing' and 'don’t stop too early' that are common in ordinary user requests, so the skill may activate unintentionally in many contexts. Over-broad activation can silently alter agent behavior across unrelated tasks, increasing persistence and framework-driven responses where the user did not explicitly request this mode.

Vague Triggers

Medium
Confidence: 92%
Finding
The 'Use when' section is expansive and lacks complementary 'do not use when' boundaries, allowing the skill to attach to many high-level situations such as important tasks, failures, or requests for clarity. This creates scope creep where the agent may inappropriately adopt persistence and review behaviors in contexts that need default behavior or a different safety posture.

Vague Triggers

Medium
Confidence: 95%
Finding
The phrase 'or similar instructions' makes invocation semantics open-ended and subjective, which can cause the skill to trigger based on weak semantic resemblance rather than clear authorization. In a behavior-modifying skill, ambiguous implicit activation is dangerous because it lets the agent reinterpret ordinary user language as permission to change persistence, escalation, and output style.

VirusTotal

66/66 vendors flagged this skill as clean.
