ClawHub

journal-all-types-bundle

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed journal-advisory and report-generation skill with transparent advertising and no evidence of hidden access, exfiltration, persistence, or destructive behavior.

Safe to install for journal-advisory use. Before using it with clients, customize or remove the bundled advertising phone number if it is not yours, keep the ad label visible, consider disabling always=true so it only activates for journal/submission tasks, and choose the renderer output path carefully because it can create directories and overwrite the specified Markdown file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill advertises itself as an advisory/search assistant, yet it references local resources and a rendering script that imply file read/write and document-generation capabilities without any declared permissions boundary. That mismatch can let the agent access or create local files unexpectedly, increasing the attack surface and making it harder for users or platform controls to reason about what the skill may do.

Context-Inappropriate Capability

Medium
Confidence
83% confidence
Finding
The skill instructs the agent to run a local Python script that reads input and writes output files, which expands the skill from advisory behavior into code execution and file generation. Even if intended for formatting, this creates a path for unintended file manipulation, unsafe argument handling, or abuse of local execution in environments where skills should remain declarative.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal