Web Novel Creator (Web Novel Creation Coordination Layer)

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only web-novel workflow skill that can reorganize novel project files and hand indexing to another skill, but the behavior is disclosed and aligned with its purpose.

Before installing, understand that this skill may move or rename chapter files under your novel project, create planning/title files, and ask Memory Manager Pro to update memory indexes. Keep backups for important writing projects and ask for a preview or confirmation before migration or full reindexing if your workspace contains valuable drafts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Description-Behavior Mismatch

Medium, 94% confidence
Finding
The skill presents itself as a passive compatibility/archive layer, but later grants itself authority to generate chapter plans and directly write continuation content via a fallback path. This mismatch can cause users or orchestrators to delegate the skill with the wrong trust assumptions, resulting in unexpected content creation and side effects beyond the advertised scope.

Intent-Code Divergence

Medium, 96% confidence
Finding
The documentation says the skill does not directly create the body text of the novel, then immediately documents exceptions allowing it to generate planning and directly continue writing. Contradictory instructions weaken security boundaries and can lead higher-level agents to invoke the skill in situations where they intended a non-creative archival tool, increasing the risk of unauthorized file/content modification.

Missing User Warnings

Medium, 85% confidence
Finding
The README advertises automatic post-creation archiving, migration, and full index updates, but does not warn users that these operations may move, overwrite, or broadly process files in a shared project workspace. In a skill explicitly designed to interoperate with multiple other skills and a memory/indexing system, undisclosed filesystem and indexing side effects can lead to unintended data modification, privacy exposure, or destructive project-state changes.

Missing User Warnings

Medium, 89% confidence
Finding
The changelog states the skill will automatically detect external skills and automatically migrate their outputs, but gives no disclosure of concrete file-moving behavior or safeguards. Because this compatibility layer spans multiple directory conventions, automatic detection and migration increases the risk of moving the wrong content, clobbering files, or ingesting unintended data into downstream indexing workflows.

Missing User Warnings

Medium, 92% confidence
Finding
The skill instructs creating directories, migrating files, and initializing project structures without clearly requiring confirmation or warning that project files will be modified. In a file-managing skill, implicit write/move operations are security-relevant because they can overwrite, relocate, or restructure user content unexpectedly.

Missing User Warnings

Medium, 83% confidence
Finding
The skill directs sending project and chapter metadata to Memory Manager Pro for indexing but does not clearly warn that user content metadata will be shared with another skill/component. Even if the recipient is internal, undisclosed data handoff can expose sensitive project names, chapter titles, and workflow metadata beyond the user's expected processing scope.

VirusTotal

65/65 vendors flagged this skill as clean.
