novel creator

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Chinese novel-writing skill that manages local project files, with no evidence of hidden credential access, exfiltration, or deceptive behavior.

Install if you are comfortable with a writing skill that reads and writes local novel-project files. Run initialization from the intended project folder, be careful with --clean, avoid storing secrets in the project directory, and override or avoid the bundled reference catalog if you want inclusive BL genre coverage.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill explicitly instructs saving output and updating numerous local workspace files (`output/`, `plan/`, `memory/`, `manifest.json`) and even references initialization and cleanup scripts, but it does not require clear user consent at the moment of modification. In an agent setting, this creates a real risk of unintended local file writes, overwrites, or state changes, especially when the skill auto-detects existing workspaces and treats them as continuation projects.

Natural-Language Policy Violations

Medium
Confidence: 94%
Finding
The skill content is entirely written in Chinese and instructs behavior in Chinese without any indication that the user opted into that language. In an agent setting, forcing a language can override user preferences, reduce comprehension, and create a prompt-level steering issue where users may receive output they cannot understand or verify.

Natural-Language Policy Violations

Medium
Confidence: 94%
Finding
The file establishes a blanket exclusion of BL works as a standing content policy rather than a user-configurable preference or a clearly justified compliance requirement. In an agent skill, this can encode discriminatory behavior into outputs, causing systematic bias and inappropriate refusal or filtering for a protected or sensitive category of content.

Natural-Language Policy Violations

Medium
Confidence: 95%
Finding
This section repeats the BL exclusion as a fixed rule for the 青春校园 category, reinforcing that the agent should suppress an entire class of works without user opt-in. That makes the behavior more likely to propagate into downstream recommendations or curation logic as an unfair content-filtering policy.

Natural-Language Policy Violations

Medium
Confidence: 95%
Finding
The 武侠仙侠 section again imposes a non-optional exclusion of BL works, showing the policy is systematic rather than incidental. In skill context, repeated hard-coded exclusions increase the risk that the agent normalizes discriminatory filtering across multiple genres and user interactions.

Natural-Language Policy Violations

Low
Confidence: 90%
Finding
The version history documents the removal of all BL works as an intentional ongoing policy, which confirms the exclusion is deliberate and maintained over time. While this section is descriptive rather than operative, it still signals that discriminatory filtering is part of the skill's design and may influence maintenance and future expansions.

VirusTotal

67/67 vendors flagged this skill as clean.
