Japanese Tutor

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Japanese tutor, but PDF parsing sends uploaded PDFs to Gemini and saved study notes persist locally.

Install only if you are comfortable using Gemini for PDF OCR. Do not parse confidential PDFs, school records, or personal documents unless third-party processing is acceptable, and review or delete the saved reference markdown files if you do not want extracted lesson material reused later.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
This script transmits the full contents of a user-supplied PDF to Google's Gemini service using an API key from the environment. In a tutoring skill that parses study materials, cloud OCR/transcription can be functionally relevant, but the external exfiltration of potentially sensitive homework, school records, or personal documents is still a real data-exposure risk if users are not clearly informed and consent is not obtained.

Vague Triggers

Medium
Confidence: 88%
Finding
The quick-action phrases are very broad and do not define clear activation boundaries, so ordinary user text or attached-file discussions could unintentionally trigger parsing or translation workflows. In a skill that reads files and persists extracted content, ambiguous triggers increase the risk of unintended processing of sensitive user material or accidental state changes.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill instructs the agent to append vocabulary and grammar derived from uploaded material to local reference files without explicit user notice or consent. This creates a real privacy and data-retention risk because user-provided homework, lesson content, or potentially copyrighted or sensitive material may be stored persistently beyond the immediate session.

Missing User Warnings

Medium
Confidence: 95%
Finding
The code uploads PDF contents to an external API with no visible warning, consent flow, or privacy notice in the script. Because users may provide homework sheets or other documents containing personal or educational data, silent transmission to a third party increases privacy and compliance risk even if the feature is intended for legitimate tutoring use.

VirusTotal

66/66 vendors flagged this skill as clean.
