panda-knowledge-card

Security checks across malware telemetry and agentic risk

Overview

This markdown-only skill coherently turns user-provided content into local knowledge-card prompts and images, with privacy considerations around saved files and delegated image generation.

Install if you are comfortable with this skill saving your input text, derived outlines, prompts, generated images, backups, and EXTEND.md preferences under the selected project or home-directory paths. Avoid sensitive or proprietary source material unless local retention and any separate image-generation backend are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Severity: Medium
Confidence: 89%
Finding
The trigger phrases include generic terms like “生成卡片”, “做成卡片”, and “卡片系列”, which can overlap with ordinary user requests and cause this skill to activate unexpectedly. Over-broad activation increases the chance of unintended file reads, prompting flows, or image-generation actions in contexts where the user did not explicitly intend to invoke this skill.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill writes `source-{slug}.md` to disk but does not prominently warn users that supplied article content may be persisted locally. If users provide sensitive or copyrighted material, this can create unintended data retention and disclosure risk, especially on shared machines or synced directories.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The workflow instructs saving pasted article content to disk as `source-{slug}.md` but does not require informing the user that transient chat input will become a persistent local file. This creates a privacy and data-handling risk because users may paste sensitive drafts, internal notes, or proprietary material expecting in-session use only.

Missing User Warnings

Severity: Low
Confidence: 90%
Finding
The workflow directs automatic creation of `outline.md` and per-card prompt files without clearly telling the user that their input and derived content will be persisted as files. While expected in a content-generation workflow, undisclosed persistence still poses a confidentiality risk if the material contains sensitive information.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The workflow sends prompt files and possibly reference images to another image-generation skill, which may further transmit or process that data, yet no privacy warning or consent gate is required. This is risky because prompts can contain copied source text and reference images may contain personal or proprietary visual data, expanding exposure beyond the current skill.

Missing User Warnings

Severity: Low
Confidence: 88%
Finding
The instruction to back up existing files and then generate output with the same names implies filesystem modification and possible replacement behavior, but the user is not clearly warned. Even with backups, silent overwrites or file churn can surprise users and lead to confusion, data loss, or leakage through backup copies.

VirusTotal

63/63 vendors flagged this skill as clean.
