Agentcad Skill

Security checks across malware telemetry and agentic risk

Overview

This CAD helper skill is coherent and disclosed, but users should know it runs local CAD scripts and may open generated previews in a browser.

Install this only if you want your agent to use the local agentcad CLI to run CAD Python scripts and create model files. Consider telling the agent to ask before running `agentcad view` if you do not want browser windows opened automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 93%
Finding: The skill is described as applicable whenever a user asks to design, model, or build a 3D object, without meaningful narrowing conditions or explicit safety boundaries. Broad activation can cause the agent to invoke a code-executing CAD tool in situations where a simpler, non-executing response would suffice, increasing the chance of unnecessary code execution and unsafe downstream actions.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding: The workflow instructs the agent to open the interactive viewer in the user's browser after every successful build and says to do so unprompted. Launching browser content without a consent cue creates an unnecessary side effect and could expose the user to local HTML or rendered content automatically, which is especially risky because the tool generates files from executed scripts.

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding: The command reference explicitly says to run `agentcad view FILE` after every successful build, which normalizes automatic browser launching as a default behavior. This compounds the unsafe side-effect pattern by encouraging agents to open locally generated HTML or model files without checking user intent or warning about the action.

VirusTotal

64/64 vendors flagged this skill as clean.
