Comic Script

Security checks across malware telemetry and agentic risk

Overview

This skill appears to run locally without network or destructive behavior, but its comic-storyboard branding does not match the content-marketing tool that most of its documentation describes, and it saves command history to a local file.

Review this before installing if you expected a narrowly scoped comic-writing skill. Use it only if you are comfortable with a mixed comic/content-marketing tool, confirm which script your installer actually invokes, and avoid entering confidential topics or client details unless you are comfortable with them being written to the local history log.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
96%
Finding
The skill metadata and title present this as a comic storyboard tool, but the documented behavior is a broader content-marketing assistant with SEO, scheduling, repurposing, and persistent history logging. This mismatch is dangerous because users, policies, or automated allowlists may grant the skill access or trust based on the declared purpose, while the actual functionality expands scope and includes data retention not clearly aligned with the advertised use.

Description-Behavior Mismatch

High
Confidence
98%
Finding
The manifest claims a comic storyboard/dialogue skill, but the command set and documentation describe a generic terminal content assistant. In a skill ecosystem, this kind of semantic deception can bypass user scrutiny and policy review, causing inappropriate installation or use under false assumptions.

Intent-Code Divergence

High
Confidence
97%
Finding
The title and manifest frame the file as comic scripting, but nearly the entire body documents unrelated SEO and content-marketing tooling plus command logging. This broad hidden scope increases risk because operators may permit the skill in comic-writing contexts while overlooking non-obvious behaviors like persistent activity logs and unrelated content-generation capabilities.

Missing User Warnings

Medium
Confidence
96%
Finding
The `_log` helper persistently writes user-supplied arguments to a history file under the user's data directory without any visible disclosure, consent, retention policy, or redaction. This can expose sensitive prompts, unpublished creative work, credentials accidentally pasted into commands, or proprietary content to other local users, backups, or forensic review, especially because the skill context involves drafting user-provided content that may be confidential.
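As an added illustration, not code from the skill or from SkillSpector, the following Python reconstructs the pattern this finding describes (a `_log` helper that appends raw command arguments to a history file) beside a hardened replacement that honours an opt-out, discloses the log location on first use, redacts credential-shaped values and keeps the file owner-only. The history path, the `COMIC_SCRIPT_NO_HISTORY` variable, the secret patterns and the sample command line are all assumptions; the skill's real helper is not shown on this page.

```python
import os
import re
import stat
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Assumed history location, modelled on a per-user XDG data directory.
# The skill's real path is not shown on the page.
DEFAULT_HISTORY = (
    Path(os.environ.get("XDG_DATA_HOME", Path.home() / ".local" / "share"))
    / "comic-script" / "history.log"
)
OPT_OUT_ENV = "COMIC_SCRIPT_NO_HISTORY"  # assumed name for an opt-out switch


def _log_unsafe(args, history=DEFAULT_HISTORY):
    """The pattern the finding describes: every argument is appended verbatim,
    with no notice, no redaction, and whatever permissions the umask allows."""
    history.parent.mkdir(parents=True, exist_ok=True)
    with history.open("a") as fh:
        fh.write(f"{datetime.now(timezone.utc).isoformat()} {' '.join(args)}\n")


# Values that should never reach a history file. Group 1 is the part kept
# (the key or token prefix); everything after it is replaced. Assumed list.
SECRET_PATTERNS = [
    re.compile(r"(?i)\b((?:api[_-]?key|token|secret|password|passwd)\s*[=:]\s*)\S+"),
    re.compile(r"(?i)\b(bearer\s+)[A-Za-z0-9._~+/=-]+"),
    re.compile(r"\b((?:sk|ghp|xox[abp])[_-])[A-Za-z0-9_-]{16,}"),
]


def redact(text):
    """Replace credential-looking values with a placeholder before logging."""
    for pattern in SECRET_PATTERNS:
        text = pattern.sub(r"\1[REDACTED]", text)
    return text


def log_history(args, history=DEFAULT_HISTORY, disclose=print):
    """Hardened replacement: honours an opt-out, discloses the log location
    when the file is first created, redacts secrets, keeps the file 0600."""
    if os.environ.get(OPT_OUT_ENV) == "1":
        return None
    history.parent.mkdir(parents=True, exist_ok=True)
    os.chmod(history.parent, stat.S_IRWXU)  # 0700 on the directory
    if not history.exists():
        disclose(f"Note: command history is written to {history}. "
                 f"Set {OPT_OUT_ENV}=1 to disable.")
    line = f"{datetime.now(timezone.utc).isoformat()} {redact(' '.join(args))}\n"
    fd = os.open(history, os.O_WRONLY | os.O_CREAT | os.O_APPEND, 0o600)
    with os.fdopen(fd, "a") as fh:
        fh.write(line)
    os.chmod(history, stat.S_IRUSR | stat.S_IWUSR)  # 0600 even if the file predates this code
    return line


def demo():
    """Run both loggers on a constructed command line inside a temp directory
    and return what each one left on disk."""
    tmp = Path(tempfile.mkdtemp(prefix="comic-history-"))
    sample = ["draft", "--topic", "Q3 launch", "--token=abc123", "--client", "Acme"]  # constructed
    unsafe = tmp / "unsafe.log"
    _log_unsafe(sample, history=unsafe)
    safe = tmp / "hardened" / "history.log"
    notices = []
    line = log_history(sample, history=safe, disclose=notices.append)
    return {
        "unsafe_line": unsafe.read_text(),
        "safe_line": line,
        "notices": notices,
        "file_mode": stat.S_IMODE(safe.stat().st_mode),
        "dir_mode": stat.S_IMODE(safe.parent.stat().st_mode),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Redaction only catches values that look like credentials; the topic and the client name in the sample still land in the file, which is why the opt-out and the disclosure matter as much as the regexes. A skill that wants a history feature should ship all three, and say so in its documentation.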

VirusTotal

63/63 vendors reported this skill as clean. Note that the findings above are behavioral (a description-to-behavior mismatch and undisclosed local logging) and are not something a signature-based scan would flag, so a clean VirusTotal result does not resolve them.
