Scientific Drawing

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a drawing tool, but its output handling can write to a fixed personal Windows folder and may allow user-provided filenames to escape the intended location.

Review before installing. Use this only in an environment where unintended file writes are contained, and prefer a version that lets you choose a safe output directory, normalizes filenames, and prevents paths from escaping that directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The code hardcodes output to a personal absolute path (D:/Personal/OpenClaw/figures), which can cause unintended writes to a host-specific location and leaks assumptions about the developer's environment. In an agent context, user-controlled output_name values are joined directly to that directory, so the skill may write files outside the expected working area or fail unpredictably on other systems.

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill writes output to a hard-coded personal path (D:/Personal/OpenClaw/figures), which exceeds the minimal capability implied by a generic drawing tool and can cause unintended writes on the host filesystem. In an agent environment, fixed-path writes can leak assumptions about the operator's machine, overwrite existing files, or fail unpredictably when that path maps to a sensitive or shared location.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
Tying the skill to a specific personal Windows directory introduces an unjustified environment-specific filesystem dependency that is unrelated to drawing logic. This makes the skill less portable and, in a privileged runtime, could direct writes into a real user-owned location without consent, increasing the chance of unauthorized persistence or accidental data modification.

VirusTotal

63/63 vendors flagged this skill as clean.
