Office Generator Py

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Office document generator with disclosed local Python setup and file output behavior, though users should treat its dependency install step with normal caution.

Install only if you are comfortable running local Python scripts and allowing pip to install third-party Office-generation libraries. Use a normal non-privileged environment, choose output paths deliberately, include only image files you intend to embed, and do not set OFFICE_GENERATOR_PYTHON unless it points to a trusted Python binary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (12)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill instructs users to run Python setup and generation scripts that rely on shell execution, file reads/writes, and environment-variable overrides, yet the manifest does not declare these capabilities. This creates a permission-transparency gap: callers and policy systems may underestimate what the skill can do, making it easier to invoke code that touches the filesystem or uses a substituted Python interpreter without adequate review.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The description is broad enough to match many ordinary document-generation requests, which can cause the skill to be selected in situations where users did not explicitly ask to run a bundled Python-based generator. Overbroad auto-invocation increases the chance of unnecessary code execution and file access, especially because this skill ultimately drives local scripts and writes outputs to disk.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The script automatically creates a virtual environment and installs packages from requirements.txt without any user warning, confirmation, or trust boundary checks. In a skill context, this can unexpectedly execute package installation workflows and pull code from external package sources, increasing supply-chain and unexpected-network-execution risk if dependencies are malicious or tampered with.

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-docx
docxtpl
openpyxl
XlsxWriter
Confidence
95% confidence
Finding
python-docx

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-docx
docxtpl
openpyxl
XlsxWriter
python-pptx
Confidence
95% confidence
Finding
docxtpl

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-docx
docxtpl
openpyxl
XlsxWriter
python-pptx
pydantic
Confidence
97% confidence
Finding
openpyxl

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-docx
docxtpl
openpyxl
XlsxWriter
python-pptx
pydantic
Confidence
94% confidence
Finding
XlsxWriter

Unpinned Dependencies

Low
Category
Supply Chain
Content
docxtpl
openpyxl
XlsxWriter
python-pptx
pydantic
Confidence
94% confidence
Finding
python-pptx

Unpinned Dependencies

Low
Category
Supply Chain
Content
openpyxl
XlsxWriter
python-pptx
pydantic
Confidence
97% confidence
Finding
pydantic

Known Vulnerable Dependency: python-docx — 2 advisory(ies): CVE-2016-5851 (Improper Restriction of XML External Entity Reference in python-docx); CVE-2016-5851 (python-docx before 0.8.6 allows context-dependent attackers to conduct XML Exter)

High
Category
Supply Chain
Confidence
90% confidence
Finding
python-docx

Known Vulnerable Dependency: openpyxl — 2 advisory(ies): CVE-2017-5992 (Improper Restriction of XML External Entity Reference in Openpyxl); CVE-2017-5992 (Openpyxl 2.4.1 resolves external entities by default, which allows remote attack)

High
Category
Supply Chain
Confidence
91% confidence
Finding
openpyxl

Known Vulnerable Dependency: pydantic — 3 advisory(ies): CVE-2021-29510 (Use of "infinity" as an input to datetime and date fields causes infinite loop i); CVE-2024-3772 (Pydantic regular expression denial of service); CVE-2021-29510 (Pydantic is a data validation and settings management using Python type hinting.)

High
Category
Supply Chain
Confidence
88% confidence
Finding
pydantic

VirusTotal

37/37 vendors flagged this skill as clean.
