Gcadclaw

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed GstarCAD automation helper that writes expected local drawing and validation artifacts, with no evidence of hidden exfiltration or destructive behavior.

Install only in a Windows environment where you intend to let the agent control GstarCAD. Use a dedicated project/output folder, avoid opening confidential or irreplaceable drawings unless backed up, and review generated screenshots, JSON entity exports, and DWG files before sharing them because they may contain sensitive design information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The manifest grants a broad `exec` capability even though its stated purpose is CAD drawing automation via pygcadwin. In an agent setting, unrestricted command execution materially expands the attack surface: prompt-influenced workflows, referenced docs, or downstream logic could invoke arbitrary OS commands, enabling file tampering, data exfiltration, or persistence on the Windows host.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README explicitly states that each drawing task automatically produces multiple local artifacts, including screenshots, action logs, entity snapshots, reports, and DWG files, but it does not warn users about where data is written, retention, overwrite behavior, or possible exposure of sensitive design content. In a CAD automation skill, these artifacts can contain proprietary engineering data or visual captures of confidential drawings, so silent filesystem writes and screenshot generation create a real privacy and data-handling risk.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill instructs automatic creation and saving of DWG files plus multiple feedback artifacts, and it can modify live GstarCAD drawings, but it does not require explicit user acknowledgment before writing to disk or changing an existing document. In a CAD context, this can overwrite work, leak project data into screenshots/JSON artifacts, or persist unintended changes to engineering files.

Missing User Warnings

Medium
Confidence: 87%
Finding
The script enumerates CAD entities, includes text content (TextString) and metadata such as layer/object identifiers, and writes the resulting JSON to an arbitrary filesystem path. In a CAD/engineering context, drawing text and entity metadata can contain proprietary design details, part numbers, annotations, or customer information, so exporting them without consent prompts, minimization, or output protections creates a real data exposure risk.

VirusTotal

64/64 vendors flagged this skill as clean.
