ClawHub

Element Lawsuit Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local legal-document generator, but it should be used carefully because it handles sensitive case materials and can fetch blank templates from remote repositories.

Use trusted local templates for confidential cases when possible. Before installing, be comfortable with the skill reading the documents you provide, writing generated DOCX files locally, caching templates, and contacting Gitee/GitHub for blank templates if no local or cached template is available. Avoid running included test/debug scripts on real case files in shared environments.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation describes capabilities to read local files, write generated DOCX output, download templates from GitHub, and invoke OCR-related tooling, but it does not declare corresponding permissions. This mismatch is dangerous because users and policy engines may underestimate the skill's access to sensitive lawsuit documents and its outbound network behavior, especially given the highly confidential legal data the skill is designed to process.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly advertises '本地+GitHub远程下载' templates but does not disclose that network access may occur or clarify whether any uploaded content, metadata, or document-derived identifiers could be transmitted during template retrieval. In a legal-document workflow handling potentially sensitive case materials, undocumented remote access increases privacy, supply-chain, and user-consent risk even if the implementation only fetches templates.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script writes full legal test documents containing personal data such as names, addresses, and phone numbers into predictable files under /tmp. On multi-user systems or shared environments, /tmp is commonly world-accessible, and predictable filenames increase the risk of unintended disclosure, overwriting, or symlink-based file attacks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The standalone test block prints extracted content from legal documents directly to stdout, including the first 1000 characters and metadata derived from the file. Lawsuit documents commonly contain highly sensitive personal and case information, so running this script in shared terminals, CI logs, or service logs can leak confidential data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal