ClawHub

Tech Doc Writer

Security checks across malware telemetry and agentic risk

Overview

This is a Markdown-only technical documentation writing skill with disclosed research and document-checking steps that fit its purpose.

Reasonable to install for technical documentation work. Expect it to research current technical sources when you provide URLs and to use simple local grep checks on generated Markdown; keep source fetching limited to documents you trust and review any generated command examples before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill explicitly tells the agent to fetch arbitrary user-provided URLs and consult external sources before writing. That expands the skill from offline document generation into networked content retrieval, which can be abused for unbounded outbound requests, access to attacker-controlled content, or unintended data flow through external services.

Context-Inappropriate Capability

High
Confidence
95% confidence
Finding
The skill mandates execution of shell commands like grep to validate document structure. Requiring command execution inside a writing skill creates unnecessary tool-use authority and can normalize shell invocation on agent-controlled file paths, increasing the risk of command misuse, sandbox escape attempts, or unintended interaction with the local environment.

Context-Inappropriate Capability

High
Confidence
95% confidence
Finding
The checklist repeats and reinforces the requirement to run grep-based scans over generated files, making command execution a persistent part of the workflow rather than an incidental example. That broadens the skill's operational scope and increases the chance that an agent with shell access will execute local commands in contexts where only text generation was expected.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal