SciSurvey

Security checks across malware telemetry and agentic risk

Overview

SciSurvey is a coherent academic review skill; its file creation and optional document conversion are purpose-aligned but should be understood before use.

Install this if you want an automated Sciverse-based literature review workflow. Before requesting DOCX, PDF, or LaTeX output, be aware it may create files in the working directory and may run local conversion tools if available; use Markdown output if you want the lowest-side-effect path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding: The skill instructs the agent to run local shell commands and invoke external tooling such as pandoc, xelatex, pdflatex, bibtex, brew, and apt. That expands the trust boundary from Sciverse-only retrieval into host-side command execution and file generation, which can modify the local environment or trigger unintended subprocess activity without clear user consent or capability checks.

Vague Triggers

Medium
Confidence: 84%
Finding: The description does not clearly define when the skill should not run, so ordinary writing or research-assistance requests may be misrouted into this autonomous survey pipeline. In this context, ambiguity is riskier because the skill is designed to perform many actions and maintain a long procedural flow, making unintentional invocation more operationally dangerous than a simple read-only helper.

Missing User Warnings

Medium
Confidence: 93%
Finding: The skill includes instructions to create files and potentially invoke local compilation/conversion tools, but the user-facing description does not warn about these side effects. This undermines informed consent and can surprise users with filesystem writes or local tool execution that exceeds expectations for a literature-review assistant.

VirusTotal

57/57 vendors flagged this skill as clean.