Nm Scribe Voice Review

Security checks across malware telemetry and agentic risk

Overview

This appears to be a writing-review skill, but it can automatically change and retain user text without sufficiently clear consent or retention controls.

Review before installing. Use it only on text you are comfortable having edited and locally retained, check whether snapshot storage can be disabled or deleted, and prefer explicit review/diff mode before allowing it to write changes to files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

High, 95% confidence

Finding:
The trigger list includes very generic single-word terms such as 'voice', 'review', 'prose', 'craft', and 'quality', which can cause the skill to activate in response to unrelated user requests. In context, this is more dangerous because the skill can modify content, auto-apply fixes, and save files, so accidental invocation can lead to unintended content changes or workflow hijacking.

Missing User Warnings

Medium, 86% confidence

Finding:
The skill explicitly states that hard failures are 'auto-fixed' and elsewhere indicates the final text is saved, but it does not provide a clear up-front warning that user content may be silently modified. In context, this elevates risk because users may invoke a review workflow expecting advice only, while the skill performs automatic edits before explicit consent.

Missing User Warnings

Medium, 89% confidence

Finding:
The skill stores reviewed text snapshots under a home-directory learning path without any clear privacy, retention, or sensitivity warning. Because reviewed text may contain drafts, proprietary material, or personal data, silent snapshotting increases the risk of unintended local data retention and later exposure.

VirusTotal

62/62 vendors flagged this skill as clean.
