ClawHub

Slide Generator

Security checks across malware telemetry and agentic risk

Overview

The slide-generator purpose is legitimate, but it can install an additional unpinned workflow skill automatically, which deserves user review.

Before installing, confirm you trust AnyGen and are comfortable sending presentation content to its service. Pay special attention to the instruction that may install `anygen-workflow-generate`; only allow that if you can verify the source and accept a persistent change to the agent environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The manifest description uses extremely broad trigger language such as 'use this skill any time' and enumerates many generic presentation-related requests, which can cause the agent to invoke this skill too aggressively. In practice, overbroad triggering can route unrelated or only tangentially related user requests into an external slide-generation workflow, increasing the chance of unnecessary tool use, external data exposure, and unintended installation/authentication actions.

Natural-Language Policy Violations

Low
Confidence
82% confidence
Finding
The description hard-codes Chinese trigger phrases as automatic activation conditions without indicating language matching, user preference, or opt-in behavior. That can cause the skill to fire based on keyword detection alone in multilingual contexts, leading to misrouting of requests and potentially sending user content into an external slide-generation flow when that was not the user's intended action.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal