ClawHub

DocuClaw

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be documentation-only, but its local-only privacy claims conflict with optional cloud vision and third-party sync features for sensitive documents.

Install only if you are comfortable reviewing the skill carefully before use. Treat it as needing a local-only configuration check: avoid OpenAI Vision and calendar/accounting sync for confidential documents unless you intentionally want those third-party services to receive extracted document data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill makes strong local-only and sovereignty claims while also advertising OpenAI Vision support and syncing extracted data to external tools. This creates a material transparency and trust issue: users may process sensitive invoices, receipts, or contracts under the false assumption that data will never leave their device, leading to unintended disclosure of personal, financial, or legal information.

Intent-Code Divergence

High
Confidence
99% confidence
Finding
The documentation explicitly states that private data never leaves local hardware, but later text contradicts this by offering OpenAI Vision and external sync workflows. In a document-processing skill handling potentially sensitive business and personal records, this contradiction can cause users to expose confidential data to third parties without informed consent, making the issue more dangerous in context.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill description and workflow mention syncing extracted data to calendars or accounting tools but do not present this as a privacy-relevant warning. Because the system processes invoices, receipts, contracts, and mail, omission of an explicit disclosure can mislead users about onward data sharing and increase the chance of accidental leakage to third-party services.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal