Security audit

Word DOCX Formatting Repair Helper

Security checks across malware telemetry and agentic risk

Overview

This appears to be a Word/DOCX workflow helper with no evidence of credential access, persistence, exfiltration, or destructive behavior.

Install this if you want help with Word/DOCX formatting and repair workflows. Be aware it may activate on generic terms like formatting, styles, or tables, so users should confirm the task is actually about Word/DOCX work before applying its guidance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description and activation criteria are broad enough to match many ordinary requests involving Word documents, formatting, or documentation support, which can cause the skill to be invoked outside a tightly bounded DOCX-repair use case. Overbroad routing increases the chance of unintended tool use, inappropriate guidance, or the skill overshadowing safer or more relevant skills in adjacent contexts.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger keywords include vague standalone terms such as 'formatting', 'styles', 'tables', and 'Microsoft Word', which are common across many benign user requests and are not sufficient to identify this specific repair workflow. This can lead to accidental invocation in unrelated contexts, expanding the skill's operational scope beyond what was intended.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The skill description is broad enough to match many generic Word- or formatting-related requests, which can cause the agent to invoke this skill outside its intended scope. Over-broad activation increases the chance of misrouting user requests, unnecessary file-handling guidance, or bypassing more appropriate domain-specific skills, especially when the request only loosely mentions Word or formatting terms.

Vague Triggers

Low
Confidence
79% confidence
Finding
The trigger-word list relies on broad keywords without boundary conditions, so simple mentions of terms like 'Word', 'tables', or 'find replace' may activate the skill even when the user's task does not actually require DOCX formatting repair. This ambiguity can lead to accidental invocation and lower-quality or inappropriate responses, though the security impact is limited because the skill itself does not contain obviously dangerous instructions.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger sentence is extremely broad and unnatural, but it still overlaps with generic user phrasing like asking for help or a practical workflow. This can cause the skill to activate outside its intended DOCX/Word-specific scope, leading to inappropriate routing, user confusion, or unintended handling of unrelated requests.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The invocation description and trigger block lack clear scope boundaries, so ordinary productivity requests could match even when they are not about Word document repair or formatting. In an agent environment, ambiguous triggers increase the chance of incorrect skill invocation, which can override better-matched skills or produce irrelevant automation guidance.

VirusTotal

61/61 vendors flagged this skill as clean.