ClawHub

Office Document Specialist Suite 1.0.2

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward Word document helper, though its description overstates support for Excel and PowerPoint.

Install only if you need a Word .docx template and styling helper, not a full Office automation suite. Run setup in an isolated environment, consider pinning dependency versions, and use copies of important documents when testing or applying formatting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Vague Triggers

Medium
Confidence
84% confidence
Finding
Stating that each tool may be called programmatically by the agent or via CLI scripts without clear invocation boundaries makes the skill easier to trigger in overly broad or unintended contexts. In an agent environment, vague activation guidance increases the chance of unauthorized file modification, accidental execution paths, or use on sensitive Office documents without sufficient user confirmation.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill describes creating and editing Office documents and spreadsheets but does not warn that these actions can overwrite files, generate misleading business artifacts, or alter sensitive content. In document-handling skills, the absence of modification warnings and confirmation requirements increases the risk of silent data corruption, unintended disclosure, or unauthorized changes to important records.

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-docx>=1.1.2
lxml>=5.3.0
Confidence
91% confidence
Finding
python-docx>=1.1.2

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-docx>=1.1.2
lxml>=5.3.0
Confidence
91% confidence
Finding
lxml>=5.3.0

Known Vulnerable Dependency: lxml — 10 advisory(ies): CVE-2021-43818 (lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through); CVE-2014-3146 (lxml Cross-site Scripting Via Control Characters); CVE-2021-28957 (lxml vulnerable to Cross-Site Scripting ) +7 more

High
Category
Supply Chain
Confidence
62% confidence
Finding
lxml

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal