Paper DeepRead Comic Studio

Security checks across malware telemetry and agentic risk

Overview

This is a coherent paper-reading and comic-storyboard skill, with ordinary privacy cautions around uploaded papers, external image tools, and zipped handoff bundles.

Install if you want a Chinese-oriented paper deep-reading and storyboard workflow. Before running the zip helper, use a clean project workspace that contains only intended paper artifacts. For confidential or unpublished papers, avoid external image-generation APIs unless you explicitly approve sending paper-derived prompts or content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding: The archive builder unconditionally zips every file anywhere under the provided workspace directory, regardless of whether the file is required for the declared paper-reading/comic delivery bundle. If the workspace contains unrelated secrets, cached credentials, private notes, or other incidental artifacts, they will be silently included in the output bundle and exposed to downstream recipients.

Vague Triggers

Medium
Confidence: 80%
Finding: The resume prompt uses a generic activation phrase ('use this skill, based on state, execute step X') without constraining what 'state' is, who may supply it, or what inputs are trusted. In agent settings, broad resumability can let prior untrusted conversation content or attacker-supplied state steer later execution, causing unintended actions or scope drift.

Natural-Language Policy Violations

Medium
Confidence: 74%
Finding: The README presents resume prompts only in Chinese and does not offer language negotiation or say they are examples only. In multi-language agent environments, this can cause instruction ambiguity, accidental prompt copying without understanding, and reduced operator ability to review or safely modify execution prompts, which increases the chance of misuse or hidden prompt behavior.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding: The schema hard-codes Chinese-language output paths and many mandatory Chinese section headings, which constrains downstream behavior regardless of user preference or locale. In this skill context, that is primarily a policy and usability risk rather than a classic security exploit, but it can still cause unauthorized language routing, user-intent mismatch, and prompt/agent behavior that is less transparent or reviewable by non-Chinese-speaking operators.

VirusTotal

65/65 vendors flagged this skill as clean.