Huo15 Openclaw Design Director

Security checks across malware telemetry and agentic risk

Overview

This is a content-only design-direction skill that gives style briefs and handoff instructions, with no executable code, credential use, persistence, or hidden data access found.

Install this if you want a Chinese-language design-direction advisor that may activate on broad design-selection phrases. Review the broad aliases if you manage many skills and want stricter routing, especially around automatic handoff to the related frontend-design skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 95%
Finding
The skill declares very broad trigger phrases for generic design-selection requests, so it can be invoked during ordinary conversation rather than only when the user explicitly requests this specific skill. That creates prompt-routing risk: the agent may unexpectedly switch into this skill’s workflow, influencing outputs or causing unintended cross-skill handoff behavior.

Vague Triggers

Medium
Confidence: 98%
Finding
Several aliases are extremely generic, including common phrases such as '设计方向', '风格提案', and 'design direction', which overlap with normal user intent rather than uniquely identifying the skill. In a multi-skill environment, these aliases can cause accidental or incorrect activation, leading to unauthorized routing into this skill and its downstream workflows.

Vague Triggers

Medium
Confidence: 91%
Finding
The instruction to auto-trigger when a user selects 'let you decide' in another skill is ambiguous and broad, because many contexts could contain that sentiment without intending a handoff to this skill. This increases the chance of unintended skill chaining and makes routing dependent on loose semantic interpretation rather than explicit user consent.

Vague Triggers

Medium
Confidence: 96%
Finding
The dedicated trigger list repeats broad everyday phrases without boundaries or counterexamples, making false activation likely across ordinary design conversations. Because this skill also coordinates with another skill and defines downstream asset paths and handoff JSON, accidental invocation has more operational impact than a standalone content-only skill.

Natural-Language Policy Violations

Medium
Confidence: 85%
Finding
The skill metadata and examples are written entirely in Chinese and present Chinese-language interaction as the default, without any indication that language should follow the user’s preference. This is not a code-execution issue, but it can degrade user control and safety by causing unintended language switching, misunderstanding, or exclusion in multilingual deployments.

VirusTotal

61/61 vendors flagged this skill as clean.
