policy-to-checklist

Security checks across malware telemetry and agentic risk

Overview

This skill has a legitimate checklist purpose, but it can read and print the entire system clipboard for broad prompts without an explicit consent step.

Review before installing. Use it only after copying the exact document you want processed, and avoid invoking it when your clipboard may contain secrets or unrelated private content. The publisher should narrow activation to explicit clipboard requests and add a consent or confirmation step.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium
Confidence: 84%
Finding
The trigger phrases are broad enough to match ordinary requests like summarizing a notice or extracting deadlines, which can cause the skill to activate unexpectedly. Because the skill then instructs the agent to run a clipboard-reading command, this broad matching expands the chance of unintended access to sensitive clipboard contents.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly tells the agent to execute a local command that reads the clipboard, but it provides no user-facing warning, consent step, or disclosure that clipboard contents will be accessed. Clipboard data often contains passwords, tokens, personal data, or unrelated sensitive text, so silent access creates a meaningful privacy and data-exposure risk.

Missing User Warnings

Medium
Confidence: 91%
Finding
This script reads the user's system clipboard by invoking `pbpaste` and then prints the clipboard contents to stdout without any prior disclosure, confirmation, or minimization. Clipboard data often contains sensitive material such as passwords, tokens, private text, or proprietary documents, so automatically exfiltrating it into tool output increases the risk of unintended exposure to logs, downstream agents, or other integrations.

VirusTotal

64/64 vendors flagged this skill as clean.
