DESIGN.md — AI-era design specification skill

Security checks across malware telemetry and agentic risk

Overview

This is a design-document helper that may create or update a project DESIGN.md; the reviewed files show behavior consistent with that purpose and nothing beyond it.

Install this if you want help creating or applying a project DESIGN.md. Before allowing changes, review the generated file, or the diff against the existing one if a DESIGN.md is already present, and keep secrets and private operational details out of any design or brand documents the agent may read.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 92%
Finding
The skill's trigger phrases and description are broad enough to match ordinary design-related conversations, which can cause the skill to activate outside the user's actual intent. In an agent environment, unintended activation can steer the workflow, inject extra instructions, or cause downstream actions that the user did not explicitly request.

Vague Triggers

Low
Confidence: 85%
Finding
The trigger examples show positive activation cases but do not define boundaries or counterexamples, making it unclear when the skill should stay inactive. This ambiguity increases the chance of accidental invocation during routine UI or branding discussions, though the direct security impact is limited unless combined with file-modifying behavior.

Missing User Warnings

Medium
Confidence: 95%
Finding
The workflow instructs the agent to save a DESIGN.md file to the project root but does not require it to notify the user or obtain confirmation before modifying repository contents. Silent file writes can change project state unexpectedly, overwrite an existing DESIGN.md, and create integrity issues in environments where the agent has filesystem access.
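The mitigation this finding calls for is a write step that plans before it acts: create freely when nothing exists, do nothing when the content is unchanged, and stop to show a diff and demand an explicit confirmation before overwriting. The following is an added example written for this review, not code from the scanned skill; it assumes the agent's file-writing step can be routed through plan_design_write()/apply_design_write() before anything touches disk, and the filenames and contents in demo() are constructed for illustration.

```python
"""Guarded DESIGN.md write: describe the change, then require confirmation to overwrite.

Added example for this review, not part of the scanned skill. Assumes the
agent's "save DESIGN.md" step can be wrapped by these two functions.
"""
import difflib
import tempfile
from pathlib import Path


def plan_design_write(root: Path, new_content: str, filename: str = "DESIGN.md") -> dict:
    """Describe the write without performing it.

    action is one of 'create', 'overwrite', 'noop', 'refuse'; diff is the
    unified diff against the existing file (empty unless overwriting).
    """
    root = root.resolve()
    target = (root / filename).resolve()
    # Refuse any target that resolves outside the project root (e.g. "../.bashrc").
    if root not in target.parents:
        return {"action": "refuse", "path": str(target), "diff": "", "reason": "outside project root"}
    if not target.exists():
        return {"action": "create", "path": str(target), "diff": "", "reason": ""}
    old_content = target.read_text(encoding="utf-8")
    if old_content == new_content:
        return {"action": "noop", "path": str(target), "diff": "", "reason": ""}
    diff = "".join(difflib.unified_diff(
        old_content.splitlines(keepends=True),
        new_content.splitlines(keepends=True),
        fromfile=f"{filename} (existing)",
        tofile=f"{filename} (proposed)",
    ))
    return {"action": "overwrite", "path": str(target), "diff": diff, "reason": ""}


def apply_design_write(root: Path, new_content: str, confirmed: bool, filename: str = "DESIGN.md") -> str:
    """Perform the write only when the plan allows it; never overwrite unconfirmed."""
    plan = plan_design_write(root, new_content, filename)
    if plan["action"] in ("refuse", "noop"):
        return plan["action"]
    if plan["action"] == "overwrite" and not confirmed:
        # The caller should surface plan["diff"] to the user and ask before retrying.
        return "needs_confirmation"
    Path(plan["path"]).write_text(new_content, encoding="utf-8")
    return plan["action"]


def demo() -> list:
    """Run the create / noop / unconfirmed-overwrite / confirmed-overwrite / escape sequence
    in a scratch directory (constructed sample contents) and return the observed outcomes."""
    outcomes = []
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        outcomes.append(apply_design_write(root, "# Design\n", confirmed=False))        # create
        outcomes.append(apply_design_write(root, "# Design\n", confirmed=False))        # noop
        plan = plan_design_write(root, "# Design v2\n")
        if "-# Design\n" in plan["diff"] and "+# Design v2\n" in plan["diff"]:
            outcomes.append("diff_ok")
        outcomes.append(apply_design_write(root, "# Design v2\n", confirmed=False))     # needs_confirmation
        outcomes.append((root / "DESIGN.md").read_text(encoding="utf-8"))             # still original
        outcomes.append(apply_design_write(root, "# Design v2\n", confirmed=True))      # overwrite
        outcomes.append(plan_design_write(root, "x", filename="../escape.md")["action"])  # refuse
    return outcomes


if __name__ == "__main__":
    for step in demo():
        print(repr(step))
```

The unconfirmed overwrite returns needs_confirmation and leaves the original file untouched, which is exactly the behavior the finding says the skill lacks; the path check is a cheap extra guard for a tool that is told where to write by the conversation.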

VirusTotal

65/65 vendors reported this skill as clean (0 detections). Antivirus verdicts cover known-malicious code and signatures; they say nothing about the trigger-scope and unconfirmed-write issues listed in the findings above, which need the manual review described in the overview.