ClawHub

html-based slides

Security checks across malware telemetry and agentic risk

Overview

This is mostly a slide-deck helper, but it relies on copying executable JavaScript from an unspecified prior presentation and then opening the generated HTML, so users should review outputs before use.

Install only if you are comfortable reviewing the generated HTML before opening or sharing it. Ask the agent to use only bundled or explicitly named JavaScript, confirm before launching the browser, avoid external fonts or remote images for sensitive decks, and clear local comments on shared machines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to automatically run a local `open [filename].html` command after generating the deck. Triggering a system command and launching a browser is a side effect beyond merely creating a presentation file, and it can surprise users or create an unintended execution path without explicit consent.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger description includes broad generic phrases such as requests to create presentations, reviews, and strategy decks, which can cause the skill to activate in situations the user did not intend. Over-broad invocation increases the chance that this skill's file-writing and browser-opening behaviors are applied to unrelated requests.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill directs the agent to save files and automatically open them in a browser without an explicit warning or confirmation about filesystem writes and application launching. Hidden side effects reduce user control and can normalize unsafe behavior, especially because the output is active HTML containing inline CSS/JS.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal