Security audit

Math Viz

Security checks across malware telemetry and agentic risk

Overview

This skill does what it describes: it creates interactive math-visualization HTML files and runs a disclosed local checker script, with some caveats around local execution and temporary-file hygiene.

Install only if you are comfortable with the agent creating local HTML files, opening previews, loading JSXGraph/Three.js from public CDNs, and running the included verifier script. Avoid placing sensitive private content into generated pages on shared machines until the verifier uses unique temporary files and cleans them up.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The skill explicitly instructs the agent to execute a local shell script from a user-controlled skill directory as a mandatory completion step. That expands the skill from HTML generation into command execution, creating a trust boundary violation: if the script or path is modified, the agent could run unintended code on the host environment.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill requires writing files to the workspace, opening a preview, and later executing a verification script without clearly informing the user that local filesystem changes and environment actions will occur. This undermines informed consent and can lead to unexpected side effects, especially in agent runtimes where file creation, browser preview, or command execution have security implications.

Missing User Warnings

Medium
Confidence: 93%
Finding
The script writes extracted JavaScript and intermediate results to predictable fixed paths under /tmp (for example /tmp/_mathviz_verify.js and related result files). On a multi-user system, or when run with elevated privileges, this can expose potentially sensitive content from the analyzed HTML, and it also creates a symlink/race-condition risk: another local user who pre-creates those paths could cause the script to overwrite or read unintended files.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.