ClawHub

Tiangong Wps Word Automation

Security checks across malware telemetry and agentic risk

Overview

This is a local Word/WPS document automation skill whose file changes are disclosed and aligned with its purpose.

Install only if you need local Windows Word/WPS automation. Run it on trusted documents, choose output paths carefully, and work on copies when replacing text, inserting content, merging, splitting, exporting, or adding images to avoid overwriting originals.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documents operations that write or generate files (e.g., save, export, merge, split) but does not declare corresponding permissions. This creates a transparency and policy gap: an agent or reviewer may underestimate the skill's ability to modify user documents or create output files, increasing the chance of unsafe invocation or unintended file changes.

Description-Behavior Mismatch

Medium
Confidence
83% confidence
Finding
The manifest says the skill is limited to single-document actions, but the documented merge and split features operate across multiple files or produce multiple outputs. This mismatch can mislead users and orchestration systems about the skill's true capabilities, which matters because broader file-processing scope increases the risk of unexpected data modification or propagation.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill exposes commands that modify documents and export new files without warning about overwrites, irreversible changes, or creation of derived artifacts. In a document automation context, this is especially risky because users may run commands on important business documents and unintentionally alter originals, leak data into exports, or overwrite existing files.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal