ClawHub

Deep Research Report

Security checks across malware telemetry and agentic risk

Overview

This skill generates Chinese research reports and saves them locally as disclosed, with no evidence of network access, credential use, or hidden destructive behavior.

Install only if you are comfortable with generated reports being saved automatically in the local Obsidian workspace. Avoid using it with highly confidential financial, business, or policy material unless that local retention is acceptable, or edit the script first to require confirmation or choose a different output path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that generated reports are automatically saved to a local path without any user notice, confirmation, or discussion of sensitivity. This creates a real risk of unintended persistence of confidential user-provided research materials, financial analysis, or proprietary data onto local storage, which can expand exposure beyond the immediate chat context.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The script writes generated content to a hard-coded filesystem location without confirmation, which can cause unintended persistence of sensitive user material. In an agent/skill context, automatic writes to a fixed path are risky because users may not realize their input is being stored locally, potentially exposing confidential research or overwriting organizational content conventions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal