ClawHub

把播客变成可读文章。支持输入音频文字稿、节目链接或摘要笔记,自动提炼核心观点、精选金句,生成适配微信公众号、知乎、企业内刊等多平台的图文内容。提供深度解析、精华摘要、对话体重构、社交媒体切片四种风格,开箱即用。

Security checks across malware telemetry and agentic risk

Overview

This skill coherently turns podcast material into publishable articles and only shows expected, disclosed local output-file creation.

Install this if you want podcast transcripts, links, or notes converted into article drafts. Expect it to save generated files locally; use a known output folder, review filenames derived from podcast names, and check generated HTML or article text before publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to create a dated subfolder and write generated content to disk, which expands behavior from content generation into filesystem side effects. This is risky because it can cause unauthorized file creation or persistence without explicit user consent, especially if folder names incorporate user-controlled podcast titles.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger conditions are broad enough that ordinary requests to summarize or rewrite content could invoke this skill unexpectedly. Overbroad activation increases the chance of unintended tool use, content fetching, or file-writing behavior being applied in contexts the user did not clearly request.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill requires creating directories and writing files but does not clearly disclose those side effects to the user before execution. Hidden write operations are dangerous because they violate user expectations, create persistent artifacts, and can be abused if user-provided names influence the target path.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal