One-Click Project Promotional Page and Long-Screenshot Generator (项目宣传页和长截图一键生成工具)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill mostly matches its advertised purpose, but it contains an unsafe hidden Git-clone path that can pass user input directly into a shell command.

Use this only on projects and paths you intentionally select. Avoid using the undocumented Git-clone option until the shell-command handling is fixed, and be aware that generated HTML may rely on a third-party CDN helper for browser-side image export.

Static analysis

Dangerous exec

Critical
Finding
Shell command execution detected (child_process).

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A maliciously crafted Git URL could cause the local machine to run commands beyond generating a project introduction page.

Why it was flagged

The Git URL parameter is inserted directly into a shell command. If that value is influenced by a prompt, user input, or an untrusted repository string, shell metacharacters could execute unintended commands.

Skill content
async function cloneRepo(gitUrl) {
  ...
  execSync(`git clone --depth 1 ${gitUrl} ${tempDir}`, { stdio: 'inherit' });
  ...
}
Recommendation

Replace shell-string execSync with spawn/execFile using an argument array, validate allowed Git URL formats, and document any Git-clone feature clearly before use.

What this means

Generated or opened pages that use this helper may depend on external CDN code, which can affect availability and supply-chain trust.

Why it was flagged

The included helper loads browser JavaScript from a third-party CDN at runtime instead of bundling the dependency locally.

Skill content
s.src='https://cdn.jsdelivr.net/npm/html2canvas@1.4.1/dist/html2canvas.min.js';
Recommendation

Prefer bundling a pinned local copy or using subresource integrity, and disclose the remote runtime dependency to users.