Editorial Review

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Chinese editorial review aid, with mainland-China-oriented compliance guidance that users should treat as advisory and jurisdiction-specific.

Install this only if you want Chinese pre-publication review that includes mainland-China-oriented political and advertising compliance checks. For Taiwan, Hong Kong, academic, journalistic, diaspora, or international contexts, tell the agent the target region and audience first, and treat compliance findings as advisory rather than neutral editorial truth or legal approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Context-Inappropriate Capability

Medium
Confidence: 88%
Finding
The manifest grants filesystemWrite for an editorial review skill, but the described function is reviewing and checking text, not modifying local files. Unnecessary write access violates least privilege and increases the blast radius if the skill is compromised, misused, or prompted into overwriting, altering, or planting files on the host.

Vague Triggers

Medium
Confidence: 86%
Finding
The activation description includes very broad triggers such as generic requests to 'review', 'check this', or 'look this over' when Chinese text is present. In an agent environment, this can cause the skill to activate in situations outside the user's intent, potentially injecting political/compliance screening behavior into ordinary editing tasks and increasing the chance of inappropriate or overreaching moderation-style output.

Vague Triggers

Medium
Confidence: 83%
Finding
The 'General quality' activation rule is ambiguous because it allows invocation whenever a user submits Chinese text and asks to 'look it over', 'check this', or 'review' without defining boundaries. This ambiguity can lead to unintended skill routing, causing the agent to apply unnecessary compliance and political screening to benign content, which may disrupt user intent and create policy or trust issues.

Natural-Language Policy Violations

High
Confidence: 97%
Finding
The file sets a politically contested framing as a default editorial requirement, presenting it as universally applicable rather than clearly limited to mainland China publication contexts. In an editorial-review skill, this can cause the agent to overwrite user intent, mislabel jurisdictions, and inject politically biased terminology into otherwise neutral or internationally targeted content.

Natural-Language Policy Violations

High
Confidence: 98%
Finding
These rules repeatedly require government-specific terminology for Taiwan, Hong Kong, Macau, Tibet, and related topics without any locale gate or user consent. Because the skill is described as broadly applicable to Chinese proofreading and compliance review, the agent may impose state-preferred wording on users who only requested language review, creating covert ideological rewriting and potential reputational or legal issues in other jurisdictions.

Natural-Language Policy Violations

High
Confidence: 96%
Finding
The guidance directs the model to adopt official Chinese framing for contested claims in Xinjiang and related sovereignty disputes, treating one side of a disputed issue as the required baseline. In a compliance-review skill, this is dangerous because it can suppress factual nuance, alter user meaning, and systematically bias outputs on sensitive geopolitical subjects without transparency.

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The file prescribes official terminology for historically and politically sensitive topics as default wording, even where neutral descriptive phrasing may be more appropriate. This can lead the editor to silently substitute politically loaded language into user content and reduce trustworthiness for academic, journalistic, or international use cases.

Natural-Language Policy Violations

High
Confidence: 97%
Finding
This section applies official political framing across multiple contested topics as a general default, including censorship, sanctions, COVID-19 origins, and political systems. Given the skill's broad activation conditions, the model could inject state-aligned narratives into ordinary editorial review tasks, making the skill prone to undisclosed propaganda-like output rather than user-directed editing.

VirusTotal

66/66 vendors flagged this skill as clean.
