Scientific and Technological Novelty Search Report Review

Security checks across malware telemetry and agentic risk

Overview

This is a coherent report-review skill, with disclosed document-reading behavior and some consent caveats for shell-based extraction and possible Baidu Scholar lookup.

Install only if you are comfortable letting the agent read the report contents. Confirm the exact file path before allowing shell-based extraction, and ask the agent not to use Baidu Scholar or other live searches if the project topic, keywords, or technical details are confidential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium, 90% confidence

Finding: The skill directs the agent to invoke Shell/Python and external utilities like python-docx, textract, or antiword on a user-supplied document path. That expands the skill from passive review into code/tool execution on untrusted input, increasing the attack surface for command/path misuse, unsafe file access, dependency abuse, and unintended processing beyond what is necessary for report review.

Description-Behavior Mismatch

Medium, 80% confidence

Finding: The skill claims to audit the provided report text, but the final required disclaimer says the result is also based on current Baidu Scholar search results. This creates hidden scope expansion to live external retrieval, which can cause nondeterministic behavior, unintended network access, privacy leakage about user content/topics, and conclusions based on data the user did not explicitly authorize the agent to fetch.

VirusTotal

66/66 vendors flagged this skill as clean.