Academic Press Release Writing

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent academic press-release writing helper, but users should be aware it may process a user-provided PDF and create image or Word files.

Install as a writing/template skill. Before using the automated figure or Word-document path, confirm the PDF is intended for processing, check any referenced script and dependencies because they are not included in the package, and review generated files before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 85%
Finding
The skill metadata describes a writing-guidance tool, but the body expands into PDF figure extraction and Word document generation. This scope mismatch can mislead operators and downstream policy systems about what the skill is allowed to do, increasing the chance that file-processing actions occur without appropriate review or consent.

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The skill includes detailed code and a command pathway for automated PDF image extraction, which materially extends it beyond editorial assistance into local file processing. In context, this is risky because it may cause the agent to inspect and transform user-supplied documents or local files without narrowly scoped authorization, and it creates an unnecessary capability surface for a writing skill.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
Automatically converting output into a Word document and sending it to the user adds file creation and artifact-delivery behavior that is not clearly disclosed in the core skill description. This can lead to unexpected local writes, generated artifacts containing sensitive material, or unauthorized workflow steps beyond simple content generation.

Missing User Warnings

Medium
Confidence: 93%
Finding
The workflow instructs the agent to extract images, generate a Word document, and send outputs without any user-facing warning or confirmation about file reads/writes and artifact creation. That is dangerous because users may not realize the skill will manipulate documents or create local files, which can expose sensitive content or violate least-surprise and consent expectations.

VirusTotal

66/66 vendors flagged this skill as clean.
