ClawHub

Drop a contract, get answers. lawclaw rips through PDFs, spots risky clauses, diffs redlines, checks citations, and searches thousands of discovery docs—locally, so nothing leaves your machine. Built for attorneys and paralegals who bill by the hour and can't waste one

Security checks across malware telemetry and agentic risk

Overview

lawclaw is a local legal-document command helper with proportionate tooling, but users should handle generated text files and optional cloud integrations carefully.

Use this in a dedicated case folder, review batch commands before running them, keep backups, and protect or delete generated .txt, diff, CSV, log, and index files under the same confidentiality rules as the originals. Treat the core workflow as local-only, but do not combine it with Google Workspace or any other cloud-connected skill for client materials unless you have appropriate consent and understand what may leave the machine.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill repeatedly assures users that processing is local and that nothing leaves the machine, but then recommends combining it with a Google Workspace integration skill. That creates a contradictory trust boundary: users handling privileged legal materials may rely on the local-only claim and then inadvertently move sensitive content into external services. In a legal workflow, that mismatch can lead to confidentiality, privilege, and compliance exposure.

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The skill markets itself as local-only with no third-party servers, yet elsewhere suggests use with a cloud-connected integration skill. For attorneys and paralegals, that claim is security-relevant because it influences decisions about processing privileged, confidential, or regulated documents. A misleading local-only assurance can cause unsafe handling of sensitive legal data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal