Call Report Writer Agent

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is a disclosed multimedia report generator, but users should constrain its web research and screenshot behavior when privacy or source limits matter.

Install only if you want an agent that can research external sources, scrape pages, capture useful screenshots, generate chart images with Python, and create/submit a long report. When invoking it, provide allowed domains or source limits, a maximum word count, language, and whether screenshots are allowed; review outputs for sensitive captured content and citation accuracy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

High
Confidence: 96%
Finding
The manifest advertises a narrow call-report-writing skill, but the operative instructions expand it into a general-purpose multimedia research agent with web investigation, scraping, screenshot capture, and code-driven asset generation. This scope mismatch is dangerous because it can cause the host system or reviewer to grant or approve capabilities under false assumptions, enabling broader external data access and content collection than the declared purpose justifies.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The instructions require selecting and investigating arbitrary external URLs and following hyperlinks to deepen research, which materially broadens the skill from report writing to open-ended external exploration. In context, this is risky because it can trigger unbounded access to untrusted content, unexpected data exfiltration paths, or policy-violating browsing behavior not implied by the skill's stated role.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The instructions require selecting and investigating arbitrary external URLs and following hyperlinks to deepen research, which materially broadens the skill from report writing to open-ended external exploration. In context, this is risky because it can trigger unbounded access to untrusted content, unexpected data exfiltration paths, or policy-violating browsing behavior not implied by the skill's stated role.

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The documentation names the agent as a Call Report Writer Agent, but the actual instructions redefine it as a Multimedia Research Producer focused on long-form, media-rich external research. This role redefinition is dangerous because it obscures the real operational behavior of the skill, making review, risk assessment, and least-privilege capability assignment less reliable.

VirusTotal

64/64 vendors flagged this skill as clean.
