ClawHub

Outline Revision Annotator

Security checks across malware telemetry and agentic risk

Overview

This is a local document-comparison helper that reads user-chosen draft files and creates annotated comparison outputs, with no evidence of hidden network access or credential use.

Install this for local structural comparison of drafts. Use it in a dedicated project folder, be aware that generated reports and extracted text may contain sensitive draft content, and opt out or avoid the auto-follow workflow when you do not want extra comparison files created.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill explicitly instructs the agent to read source files, generate reports, and write multiple output artifacts, but it does not declare permissions for those filesystem operations. That mismatch weakens policy enforcement and user transparency, because an orchestrator may invoke file read/write behavior that is not surfaced in the skill contract.

Vague Triggers

Medium
Confidence
79% confidence
Finding
Several trigger phrases are generic enough to match ordinary comparison or report-generation requests that are not actually about structural PDF outline review. This can cause unintended invocation of a skill that reads documents and produces derived files, increasing the chance of unnecessary file access or confusing side effects.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The auto-follow hook allows automatic execution after the agent edits very common writing artifacts, and the gating conditions are still broad enough to be satisfied in routine workflows. Because this skill reads baselines and writes multiple outputs automatically, ambiguous triggering can lead to unexpected processing of sensitive drafts or surprise file creation without a clearly intentional user request.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal