ClawHub
Back to skill

Security audit

Response Tone Polisher

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local writing tool for polishing reviewer responses, with ordinary user-directed file input and output risks but no hidden or malicious behavior found.

Install and run this like a normal local CLI utility. Only provide files you intend it to read, choose output paths carefully to avoid overwriting important files, and review polished responses before submission to ensure they do not falsely claim manuscript changes or concessions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Tainted flow: 'save' from input (line 543, user input) → open (file write)

Medium
Category
Data Flow
Content
"improvements": result.improvements,
            "suggestions": result.suggestions
        }
        with open(save, 'w') as f:
            json.dump(output, f, indent=2)
        print(f"✅ Saved to {save}")
Confidence
96% confidence
Finding
with open(save, 'w') as f:

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documentation describes local script execution with file-based input/output, but it does not declare corresponding permissions despite detecting file_read and file_write capabilities. This creates a security transparency gap: users and enforcement systems may underestimate what the skill can access, and if path validation is weak, the script could read or overwrite unintended workspace files.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal