Security audit

Self Learning Coach Deep v0.1.1

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed learning-coach workflow that reads user-provided or authorized sources, creates lesson files, and tracks progress without evidence of hidden or harmful behavior.

Install if you want an agent to build source-grounded lessons from your materials. Be aware it can read user-provided or authorized Feishu/internal materials, create local lesson and tracking files, and send generated HTML through Feishu/Miaoda when used there; avoid giving it sensitive documents unless you are comfortable with those local records being created.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (86% confidence)
Finding:
The skill description contains very broad activation phrases such as deep learning, business analysis, training materials, and source-grounded lessons, which can match many ordinary user requests and cause the skill to trigger outside its intended scope. Over-broad activation increases the chance of unintended invocation on sensitive internal documents or general conversations, expanding data exposure and tool usage without clear user intent.

Missing User Warnings

Low (83% confidence)
Finding:
The skill instructs the agent to create and update persistent local tracking files for learning status and source records, but it does not require a clear user-facing notice or consent before writing them. This can lead to silent persistence of user topics, source metadata, and progress history, which may be unexpected and may retain sensitive business context longer than necessary.

VirusTotal

62/62 vendors flagged this skill as clean.
