ClawHub

Bytesagain Comic Script

Security checks across malware telemetry and agentic risk

Overview

This skill does not look malicious, but its comic-writing branding conflicts with content-marketing behavior and it keeps local command history.

Review before installing. The skill appears to run locally without network access or credentials, but it is not consistently described: much of it is a content-marketing assistant rather than a comic storyboard tool. Do not enter confidential campaign ideas, client topics, unpublished drafts, or sensitive keywords unless you are comfortable with them being written to a local history.log file; set COMIC_SCRIPT_DIR to a location you control and clear it regularly if you use it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Tp4

High
Category
MCP Tool Poisoning
Confidence
97% confidence
Finding
The manifest and description present this as a comic storyboard skill, but the documented behavior is a general content-marketing/blog assistant with local activity logging. This mismatch can mislead users and downstream systems into invoking the skill in contexts where its actual capabilities and data handling were not expected, undermining trust and safe tool selection.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The skill metadata says it drafts comic storyboards, panels, and dialogue, while the body documents SEO, headlines, schedules, CTAs, repurposing, and metrics for generic content marketing. Such semantic deception increases the risk of unauthorized or inappropriate use because users may expose prompts or workflows to a tool they would not have chosen if accurately labeled.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The heading 'Comic Script' suggests comic-writing functionality, but the command set is for blog drafting, SEO, scheduling, and marketing workflows. While not direct code execution, this inconsistency is dangerous because it can cause mistaken trust, misrouting by agents, and accidental disclosure of project data to an unrelated tool.

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The script's behavior and help text implement a generic content/SEO assistant rather than the declared comic storyboard skill. This kind of capability mismatch is dangerous because users and higher-level agents may invoke it under false assumptions, causing unintended data handling, workflow abuse, or policy bypass through deceptive packaging.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The inline documentation explicitly describes a generic content optimization tool, contradicting the skill's stated comic-storyboarding intent. Misleading documentation increases the risk that users or orchestrators trust and deploy the skill in inappropriate contexts, masking actual behavior and making review, consent, and monitoring less effective.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The file states that every command is logged to a local history file, but this is not surfaced as a clear privacy warning or opt-in behavior. Users may enter sensitive topics, drafts, or proprietary content assuming ephemeral processing, and those inputs would instead be retained on disk where other local users, backups, or support processes could access them.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The logging function writes user-supplied arguments into a persistent history file without notice, consent, redaction, or sensitivity checks. In a content-generation context, prompts may contain unpublished creative work, confidential campaign text, or personal data, so silent retention can create privacy, compliance, and data exposure risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal