Security audit

read-any-document (Canonizr)

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only document conversion skill with privacy caveats but no hidden code, credential access, or unrelated behavior found.

Install only if you intend to use Canonizr for document-to-Markdown conversion. Before processing sensitive documents, confirm where Canonizr runs and whether content leaves your machine, and only run the service-management commands when you mean to manage the local Canonizr service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding:
The skill is described broadly as able to read 'any document' and convert many file types, but it provides no trigger constraints, safety boundaries, or usage restrictions. In an agent setting, overly broad invocation can cause the skill to be selected for sensitive files or untrusted content without adequate user confirmation, increasing the chance of unintended data exposure or unsafe processing.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill processes uploaded documents, including OCR/transcription and optional JSON metadata extraction, but it does not warn users that document contents and metadata may be captured, transformed, and stored. This omission is risky because users may unknowingly submit sensitive documents containing personal, financial, or contractual information, or embedded metadata, that could be exposed in logs, adjacent output files, or downstream systems.

VirusTotal

62/62 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.