Film Production Assistant

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent film pre-production assistant, but its optional Word export uses an unsafe shell command pattern and its call-sheet workflow handles sensitive location and personnel details.

Review before installing if you plan to use document export. Prefer text output unless export is implemented with safe file-writing and non-shell argument handling. Treat call sheets and schedules as confidential: minimize personal phone numbers, exact addresses, access instructions, and movement details, and share full versions only with authorized cast and crew.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 87%
Finding
The catch-all trigger 'Any film pre-production planning request' is broad enough to activate the skill for loosely related requests, which can cause inappropriate prompt injection of this skill's instructions into contexts the user did not explicitly choose. While not directly enabling code execution or data exfiltration, it increases the chance of scope creep, misrouting, and unintended handling of sensitive project information.

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The skill contains behavior customized to a specific named person ('David') without any runtime verification, consent, or opt-in. This can cause the agent to make unwarranted assumptions about the current user, alter tone and decision-making inappropriately, and leak or apply profile-specific context to someone else using the skill.

Missing User Warnings

Medium
Confidence: 90%
Finding
The prompt explicitly instructs the model to include sensitive operational details such as full addresses, parking instructions, nearest hospital/police information, and emergency contacts for cast and crew distribution. In a film-production context this is operationally normal, but without privacy warnings, minimization guidance, or access controls, the skill can facilitate unnecessary exposure of personal and location-sensitive information if outputs are shared broadly or logged insecurely.

Missing User Warnings

Medium
Confidence: 98%
Finding
This output contains highly specific personal and operational details, including names, phone numbers, a residential filming location, building access instructions, emergency contacts, and logistical notes. In a real production context, exposing this information in broadly accessible markdown can enable stalking, social engineering, unauthorized set access, doxxing, or physical security incidents; the 'CONFIDENTIAL' footer does not mitigate the exposure.

Missing User Warnings

Medium
Confidence: 97%
Finding
The file discloses individualized movement and timing information, such as hotel pickup location, self-drive status, pre-rig arrival times, and department pre-calls for named people. That combination creates a practical targeting and surveillance risk by revealing when and where specific individuals will be present, which is especially sensitive in a call sheet whose purpose is coordinating real-world personnel movements.

VirusTotal

65/65 vendors flagged this skill as clean.
