Arxiv

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says (it searches ArXiv and summarizes papers), but it also keeps a disclosed local research log.

Install this only if you are comfortable with ArXiv queries being sent to ArXiv and discussed paper details being saved locally in memory/RESEARCH_LOG.md. Avoid using it for confidential research unless you are prepared to review or delete that log.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding: The skill mandates writing research summaries to persistent memory even though its stated purpose is search and summarization. This creates unnecessary data retention and expands the skill's behavior beyond user expectations, potentially storing sensitive research interests or queries without consent.

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding: The workflow requires mandatory persistence to `memory/RESEARCH_LOG.md`, which is inconsistent with the manifest's search/summarize description. This mismatch is dangerous because users and reviewers may not expect local state changes, enabling stealthy collection of activity history and making the skill more invasive than advertised.

Missing User Warnings

Medium
Confidence: 94%
Finding: Automatic writes to memory without warning the user undermine transparency and informed consent. Even if the stored content is only paper metadata and summaries, it can reveal interests, projects, or strategic research areas over time and create privacy and retention risks.

Missing User Warnings

Medium
Confidence: 95%
Finding: The workflow's 'MANDATORY' persistence requirement enforces retention without explaining data-handling implications. This makes the skill more dangerous in context because it converts a read-oriented research tool into a silent logging mechanism, which can accumulate sensitive usage patterns over time.

VirusTotal

63/63 vendors flagged this skill as clean.
