ClawHub

project-timeline-board

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a local/config-driven page renderer with a real HTML-injection weakness, but the available evidence does not show hidden access, credential use, persistence, exfiltration, or destructive behavior.

Install only if you trust the skill source and any PROJECT_CONFIG files you open with it. Do not load shared or third-party configs unless you have reviewed them, because embedded HTML or script-like payloads may run in the rendered page. Prefer an updated version that renders config fields as text or sanitizes allowed markup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The renderer repeatedly inserts values from window.PROJECT_CONFIG into the DOM using innerHTML without escaping or sanitization. If the configuration file can be edited by an untrusted party or influenced by external data, an attacker can inject arbitrary HTML or JavaScript, resulting in DOM-based XSS and full script execution in the page context.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This finding describes the same core issue: untrusted configuration data is treated as trusted markup and injected into the DOM via innerHTML. In this skill, the config-driven design increases risk because the advertised workflow encourages users to edit a JS config file, making it easy for malicious payloads to be placed where they will execute when the page renders.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal