Interactive Teaching Web Page Generator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward teaching-page HTML generator, but its generated pages can load CDN scripts and should only be opened from trusted lesson content.

Install only if you are comfortable with generated pages contacting jsDelivr and running those libraries in the browser. Use trusted lesson files, because source text is inserted into the generated HTML; for offline or high-assurance classroom use, bundle local vetted copies of the libraries and add HTML escaping before publishing generated pages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The generated HTML unconditionally loads external CDN-hosted scripts when the output file is opened, causing unexpected network access and execution of remote code outside the local generation process. For a skill described as generating teaching HTML from local lesson materials, this expands the trust boundary and creates supply-chain and privacy risk if the CDN is compromised, blocked, or replaced.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The output page executes arbitrary third-party JavaScript from jsDelivr at runtime via script tags, which means anyone opening the generated file implicitly trusts external code not controlled by the skill user. This is dangerous because compromise of the CDN, dependency, or transit path could turn every generated teaching page into an execution vector in the user's browser.

VirusTotal

65/65 vendors flagged this skill as clean.
