Novel Writing (小说创作)

Security checks across malware telemetry and agentic risk

Overview

This is mostly a normal AI novel-writing helper, but it includes review-evasion wording and needs a clearer privacy notice for remote generation.

Install only if you are comfortable with your novel material being saved locally and sent to the LLM endpoint you configure. Use a dedicated API key, verify the API base URL, avoid confidential manuscripts unless you trust the provider, and remove or revise the review-evasion wording before using it in publication workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README instructs users to configure an external API endpoint and generate chapters from user-supplied novel data, but it does not disclose that story content, character profiles, outlines, and related text may be transmitted to a third-party service. This creates a real privacy and data-handling risk because users may submit unpublished or sensitive material without informed consent or awareness of retention, logging, or provider-side use.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The code sends user-supplied novel content, character data, world settings, and prior chapter summaries to an external LLM API without any explicit disclosure, consent flow, or data-minimization guard at the call site. This creates a real privacy and data-governance risk because potentially sensitive or proprietary writing material is transmitted to a third-party service by default.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The regeneration path also transmits chapter-related context and user-provided problem descriptions to the external LLM service without an explicit disclosure step. Although this is consistent with the skill's functionality, it still exposes potentially confidential manuscript content and editing intent to a third party, making it a genuine privacy/security issue.

Ssd 2

Medium
Confidence
98% confidence
Finding
The template explicitly instructs the model to replace violent terms with euphemisms 'to avoid review issues,' which is classic moderation-evasion behavior. This does not reduce the underlying violent intent of the generated content; it instead helps prohibited or borderline content slip past keyword-based filters, making downstream safety controls less effective.

VirusTotal

65/65 vendors flagged this skill as clean.
