ClawHub

Compile LaTex & Typst into PDF with TypeTex

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward remote Typst/LaTeX compiler, but users should only send documents they are comfortable uploading to the TypeTex API.

Use this for public or low-sensitivity documents unless you trust the TypeTex service and its data handling. Do not upload confidential manuscripts, proprietary images, secrets, regulated data, or private client material without approval or a local compilation alternative.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (16)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill metadata declares no required permissions, yet the documented behavior clearly uses network access and local file reads in examples. This mismatch can mislead reviewers and users about the skill's actual capabilities, reducing informed consent and weakening permission-based governance.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill is designed to send full Typst/LaTeX source and auxiliary files to a third-party remote API, but the description and early sections do not clearly warn about data leaving the local environment. Users may submit sensitive manuscripts, embedded secrets, unpublished research, or proprietary images without realizing they are being transmitted to an external service.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script transmits arbitrary LaTeX source to a third-party public API for compilation, but the example provides no explicit warning, consent prompt, or privacy notice to the user. This is dangerous because LaTeX documents commonly contain unpublished papers, credentials, internal data, or personal information, and users may assume compilation happens locally unless clearly told otherwise.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script sends arbitrary Typst source content to a third-party public API for compilation, but it does not clearly warn the user that document contents are leaving the local environment. This can expose sensitive source text, embedded secrets, proprietary documents, or regulated data if a user assumes compilation is local.

External Transmission

Medium
Category
Data Exfiltration
Content
import requests
import base64

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst",
    json={
        "content": """
Confidence
88% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
import requests
import base64

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/latex",
    json={
        "content": r"""
Confidence
88% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
import requests
import base64

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst",
    json={
        "content": """
Confidence
88% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
with open("figure.png", "rb") as f:
    image_base64 = base64.b64encode(f.read()).decode("utf-8")

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst",
    json={
        "content": """
Confidence
89% confidence
Finding
requests.post( "https://

External Transmission

Medium
Category
Data Exfiltration
Content
import requests
import base64

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst",
    json={
        "content": """
Confidence
88% confidence
Finding
requests.post( "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst", json=

External Transmission

Medium
Category
Data Exfiltration
Content
import requests
import base64

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/latex",
    json={
        "content": r"""
Confidence
88% confidence
Finding
requests.post( "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/latex", json=

External Transmission

Medium
Category
Data Exfiltration
Content
import requests
import base64

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst",
    json={
        "content": """
Confidence
88% confidence
Finding
requests.post( "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst", json=

External Transmission

Medium
Category
Data Exfiltration
Content
with open("figure.png", "rb") as f:
    image_base64 = base64.b64encode(f.read()).decode("utf-8")

response = requests.post(
    "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst",
    json={
        "content": """
Confidence
89% confidence
Finding
requests.post( "https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst", json=

External Transmission

Medium
Category
Data Exfiltration
Content
)
```

### Using curl

```bash
# Typst compilation
Confidence
92% confidence
Finding
curl ```bash # Typst compilation curl -X POST https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/typst \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
}' | jq -r '.pdf_base64' | base64 -d > output.pdf

# LaTeX compilation
curl -X POST https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/latex \
  -H "Content-Type: application/json" \
  -d '{
    "content": "\\documentclass{article}\n\\begin{document}\nHello World\n\\end{document}",
Confidence
92% confidence
Finding
curl -X POST https://studio-intrinsic--typetex-compile-app.modal.run/public/compile/latex \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
Returns:
        True if successful, False otherwise
    """
    response = requests.post(
        API_URL,
        json={
            "content": content,
Confidence
88% confidence
Finding
requests.post( API_URL, json=

External Transmission

Medium
Category
Data Exfiltration
Content
Returns:
        True if successful, False otherwise
    """
    response = requests.post(
        API_URL,
        json={
            "content": content,
Confidence
87% confidence
Finding
requests.post( API_URL, json=

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal