ClawHub

Word DOCX Formatting Repair

Security checks across malware telemetry and agentic risk

Overview

This is a coherent DOCX formatting-repair skill with no executable code or hidden data behavior, though its routing language should be tightened.

Install only if you want an agent to help inspect or repair Word DOCX formatting. Use it on copies of documents, review changes before relying on the repaired file, and be cautious with confidential legal or business documents because implicit invocation could select this skill for some Word-related requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The file asserts 'validated demand' and 'broader demand' for the skill, but the cited evidence appears largely unrelated to DOCX formatting repair and comes from a single source family. This is dangerous because it can mislead routing, prioritization, or trust decisions about deploying the skill, creating a false legitimacy signal for downstream systems or reviewers.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger sentences are generic and templated enough that the skill could be invoked by loosely related requests rather than explicit DOCX-repair intent. In an agentic environment, overbroad activation increases the chance of unintended tool use, causing the model to follow specialized document-repair workflows when the user did not clearly request them.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are very broad and repetitive, making it easy for unrelated Word or document requests to activate the skill unexpectedly. Over-broad activation can cause inappropriate skill invocation, expand the skill’s operational scope beyond user intent, and increase the chance that risky document-handling guidance is applied in the wrong context.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger description is extremely broad, combining generic productivity terms with a long demand-validation sentence, which can cause the skill to activate in unrelated contexts. Over-broad activation increases the chance that the agent applies this skill when handling general document or Word-related requests, leading to prompt-routing errors, unintended file-handling guidance, or interference with more appropriate skills.

Vague Triggers

Medium
Confidence
97% confidence
Finding
The listed trigger keywords include generic terms like 'docx', 'styles', and 'track changes' without disambiguation or negative conditions, making accidental invocation likely during ordinary conversation. In an agentic system, this can misroute user requests, cause irrelevant instructions to be injected into the workflow, and reduce reliability when multiple skills compete for similar office-document tasks.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill enables implicit invocation without any visible trigger constraints or narrowing conditions, so the platform may auto-select it for loosely related requests. Because this skill is designed to inspect and modify DOCX content, over-broad activation can cause unintended handling of sensitive business or legal documents and increase the chance of inappropriate tool use in contexts the user did not clearly request.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger sentences are overly broad, ungrammatical, and likely to match ordinary user language that is not actually requesting this specific skill. This is dangerous because it can cause accidental invocation or misrouting, leading the agent to apply the wrong capability to unrelated tasks and increasing the chance of unintended file handling or workflow actions in document-heavy environments.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal