Novel Writing Assistant

Security checks across malware telemetry and agentic risk

Overview

This looks like a normal local novel-writing helper that reads and creates files in a novel folder, with no evidence of hidden network access or credential use.

Use this skill only on the novel workspace you intend it to read or modify. Before conversions, choose an output path carefully because the Markdown-to-TXT script writes a .txt file and can overwrite an existing target. The referenced compile_novel.py script is missing, so do not rely on that specific capability unless the publisher supplies it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding
The skill directs the agent to read existing chapters, save new chapters, and use conversion scripts, which clearly implies file read/write behavior while no permissions are declared. This creates an authorization and transparency gap: the agent may modify project files without an explicit permission boundary or user awareness.

Vague Triggers

Medium
Confidence: 84%
Finding
The description ends with a broad trigger such as 'any other novel writing tasks,' which makes activation criteria ambiguous and overly expansive. Overbroad routing can cause the skill to activate for unintended requests, increasing the chance of unnecessary file access, file modification, or use of local scripts in contexts the user did not clearly request.

Missing User Warnings

Medium
Confidence: 95%
Finding
The instructions tell the agent to save chapters, store references, and convert formats using scripts, but provide no warning that these actions modify project files. In a writing workspace, that can lead to silent overwrites, unwanted file creation, or running file-transforming workflows without informed user consent.

VirusTotal

66/66 vendors flagged this skill as clean.
