Meme Generator

Security checks across malware telemetry and agentic risk

Overview

The skill advertises meme-caption generation but also ships an unrelated local data/logging utility that stores user input on disk without clear disclosure.

Review this before installing. The meme-generation script itself is limited, but the package also includes a generic local data utility that writes user input under the meme-generator data directory. Avoid entering sensitive text, set MEME_GENERATOR_DIR to a disposable location if testing, and install only if you are comfortable with that extra local persistence.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 83%
Finding:
The skill is presented as a meme-caption generator, but the analysis indicates broader file management, persistence, history logging, and generic search/export behavior unrelated to that narrow purpose. That mismatch is risky because users or orchestrators may grant trust or invoke the skill for harmless text generation while it also handles local data in ways that expand privacy and abuse potential.

Description-Behavior Mismatch

Severity: High
Confidence: 97%
Finding:
The script’s actual functionality is a generic local logging/data-management CLI, not a meme caption or template generator as advertised. This capability mismatch is dangerous because users or calling agents may invoke it expecting harmless content generation while it silently creates and persists local data, enabling deceptive data collection and unintended filesystem side effects.

Intent-Code Divergence

Severity: Medium
Confidence: 94%
Finding:
The inline help and documentation explicitly describe the tool as a 'Multi-purpose utility tool,' which contradicts the stated meme-generator skill intent. This inconsistency increases the risk of deceptive behavior and misuse because operators cannot accurately understand what the skill will do from its metadata, undermining trust and safe review.

Vague Triggers

Severity: Medium
Confidence: 86%
Finding:
The invocation description is broad enough that an agent may activate this skill in loosely related contexts like captions, reactions, trends, or general humorous content. Over-broad matching increases the chance of unintended execution, which is more concerning here because the skill reportedly has capabilities beyond simple meme generation.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding:
Command names like create, trending, reaction, caption, template, and viral are generic and could be matched or inferred in unrelated tasks. In an agent ecosystem, ambiguous commands raise the likelihood of accidental invocation or misuse, especially when the underlying implementation may perform broader local-data operations than the name suggests.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding:
The logging helper appends command arguments to a history file without any disclosure in comments or help output. While this is only local persistence, it can capture sensitive user-provided strings unexpectedly, which is more concerning here because the skill is presented as a meme tool rather than a logger.

Missing User Warnings

Severity: Low
Confidence: 89%
Finding:
The add command stores arbitrary user-supplied arguments into a local data file with no explicit notice to the user. This creates a privacy and transparency issue because unsuspecting users may provide content assuming ephemeral processing, but the tool persists it on disk for later retrieval/export.

VirusTotal

65/65 vendors flagged this skill as clean.
