Value Aware Guard

Security checks across malware telemetry and agentic risk

Overview

The skill appears aimed at boundary or value-protection support, but it describes covert behavior tracking and high-impact interventions without enough consent and control safeguards.

Install only if you are comfortable with a skill that may monitor personal patterns over time and potentially escalate interventions. Before using it, require clear opt-in, a way to pause/delete stored observations, limits on emergency-contact use, and confirmation that any restrictive action requires explicit user approval except in narrowly defined emergencies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 74%
Finding:
The skill advertises executable Node.js commands and signal-processing behavior, yet no permissions are declared despite static analysis detecting environment access capability. This mismatch is dangerous because it obscures the skill's actual execution and data-access surface, making review, sandboxing, and least-privilege enforcement harder and increasing the chance of unintended access to sensitive environment variables.

Vague Triggers

Severity: Medium
Confidence: 86%
Finding:
The description uses broad triggers such as value drift detection, boundary violations, low energy alerts, and user pattern discovery without clear scope, thresholds, or consent boundaries. In an automated or proactive invocation system, ambiguous triggers can cause the skill to run unexpectedly, perform interventions too broadly, or monitor users in ways they did not intend.

Natural-Language Policy Violations

Severity: Medium
Confidence: 91%
Finding:
The document is entirely prescriptive in Chinese and defines user-facing prompts, warnings, and consent flows without any mention of language preference, fallback behavior, or opt-in for localization. In a boundary/protection skill, this can cause users to miss privacy notices, consent prompts, or intervention messages, undermining informed consent and safe operation for non-Chinese-speaking users.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding:
This section specifies persistent tracking of user schedules, energy patterns, privacy comfort levels, decision style, and weekly boundary reports, but it does not provide a prominent upfront disclosure of monitoring scope, retention, access, deletion, or consequences. Because the skill explicitly profiles sensitive behavioral and privacy-related data over time, the lack of clear consent and retention limits creates a meaningful privacy and autonomy risk if deployed.

Missing User Warnings

Severity: High
Confidence: 97%
Finding:
The L1 section explicitly defines silent behavioral recording, pattern accumulation, and keeping the user 'completely unaware' while building a behavioral baseline. In a value-guard/monitoring skill, covert profiling of user behavior without notice or consent creates a real privacy and autonomy risk, and the surrounding context makes it more dangerous because the system is designed to infer patterns and escalate interventions over time.

Missing User Warnings

Severity: High
Confidence: 94%
Finding:
The L4 section allows restrictive actions such as limiting feature access and notifying emergency contacts, and also contemplates external interventions, but the description does not consistently require prior user warning, narrowly scoped authorization, or strong safeguards for emergency-only use. In this skill context, that is dangerous because the system already tracks value deviations and can escalate to coercive measures, increasing the risk of overreach, misuse, or harmful third-party disclosures.

VirusTotal

61/61 vendors flagged this skill as clean.
