ClawHub

help you to make annual work summary ppt

Security checks across malware telemetry and agentic risk

Overview

This skill makes the promised annual-summary PPT, but it can run generated Node code and upload workplace content externally without a clear approval checkpoint.

Review before installing. Use this only for work-summary content that may be saved locally, uploaded to a CDN, and shared by link. Confirm the recipient/channel before delivery, avoid confidential personnel or business data unless your organization allows this workflow, and prefer adding explicit approval plus filename/content sanitization before running the generated Node script.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrase set includes common everyday requests such as writing a year-end summary, which can cause the skill to activate in contexts where the user did not explicitly ask for PPT generation or file creation. In this skill, accidental activation is more concerning because downstream behavior includes script generation, shell execution, file creation, CDN upload, and Feishu delivery.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The keyword list contains very generic phrases like '做PPT', which are broad enough to match many unrelated requests and may invoke this skill unexpectedly. Because the skill performs side effects beyond drafting text—creating files, running Node scripts, uploading artifacts, and sending them externally—an overly generic trigger materially increases the risk of unintended execution and data handling.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill specifies a workflow that writes code to disk, executes it with Node, creates a .pptx file, uploads the file to a CDN, and sends it via Feishu, but it does not require explicit user notice or consent for these side effects. This is dangerous because users may disclose sensitive performance, staffing, project, or planning information without realizing it will be persisted locally and transmitted to third-party or external channels.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal