Poem Generator

Security checks across malware telemetry and agentic risk

Overview

The advertised poetry skill includes an unrelated marketing script that is not clearly disclosed and can store command text locally.

Review before installing. The poetry helper itself appears low impact, but the package should remove or clearly disclose the unrelated marketing script and its local history logging. Avoid entering private drafts, personal text, or proprietary content unless you have verified which script will run and are comfortable with local persistence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

High
Confidence: 98%
Finding
The script’s documented behavior and command set implement a generic content-marketing assistant, while the skill metadata claims it is a poetry generator. This kind of capability mismatch is dangerous because it misleads users and security reviewers about what the skill actually does, increasing the chance that inappropriate or undisclosed behavior is trusted and executed under false pretenses.

Description-Behavior Mismatch

High
Confidence: 99%
Finding
The actual command outputs are for headlines, SEO, hooks, CTAs, and content metrics rather than poem creation, translation, or literary formatting. In a security context, this is a true integrity and trust violation: users invoking a poetry tool may unknowingly run an unrelated assistant, which can mask broader unauthorized functionality or bypass scrutiny tied to the declared use case.

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The inline documentation explicitly identifies the tool as a content creation and optimization assistant, directly contradicting the published poetry-generator description. This inconsistency is a meaningful security signal because deceptive or inaccurate documentation reduces transparency, hinders auditing, and can conceal unexpected behavior behind a benign-seeming label.

Missing User Warnings

Medium
Confidence: 93%
Finding
The logging helper writes user-supplied content to a local history file without clear disclosure, consent, retention policy, or an opt-out. In this skill context, prompts may contain sensitive creative drafts or personal text, so silent persistence creates privacy risk and may expose data to other local users, backups, or later compromise of the host.

VirusTotal

64/64 vendors flagged this skill as clean.
