ClawHub

Comic Guide Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent comic-guide generation skill, with install-time supply-chain and franchise-style content risks that users should review.

Prefer ClawHub or manual installation over piping a remote script into bash; if using the script, inspect it and the destination paths first. Use original or licensed characters/styles for outputs you plan to publish or use commercially.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (8)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The README promotes installation via a remote shell script even though the skill’s purpose is comic-guide generation, not privileged system setup. This creates unnecessary supply-chain risk because users may execute unreviewed code from a network location that can change over time.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The file explicitly defines Doraemon and Nobita as characters for generated output, which steers the skill toward imitating copyrighted franchise characters rather than using original educational mascots. In a content-generation skill, this increases the chance of producing infringing outputs and exposes downstream users or operators to IP, policy, and compliance risk.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The character definitions are not merely referential; they provide concrete appearance cues for well-known protected characters, enabling deliberate imitation in generated comics. Because the skill's purpose is educational comic generation, embedding imitation-ready franchise specifications broadens misuse and makes policy-violating generation more likely.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The file contains explicit prompts for named copyrighted franchises and recognizable characters, which creates an IP/compliance risk by steering the system to generate derivative branded content beyond a generic 'comic style' capability. In this skill context, the behavior is not directly a software exploit, but it is still a real safety/compliance issue because the prompts operationalize infringing outputs as a built-in feature.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill explicitly enables branded character depictions that are unnecessary for producing educational comic guides, expanding the system from functional illustration into avoidable copyright/trademark-sensitive generation. Because these prompts are embedded as reusable templates, misuse is easy and likely, increasing legal and policy exposure even if the author intended convenience rather than abuse.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Piping a downloaded script directly into bash executes remote code immediately without review, integrity verification, or meaningful user warning. If the upstream repository, raw content path, maintainer account, or transport chain is compromised, users can suffer arbitrary code execution on their machine.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The installer creates destination directories and proceeds to copy files into user skill locations without any confirmation prompt or dry-run preview. In a multi-platform environment, this can unexpectedly modify several local agent configurations, which increases the chance of unintended installation of unreviewed prompt content.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script downloads remote content and immediately uses it as the source of installed files without a clear user-facing warning or integrity verification. This creates a supply-chain exposure: if the repository or network path is compromised, users may silently install malicious skill instructions into trusted local AI tools.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal