AntV Skills

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only AntV G2 charting skill with some code-safety and accuracy caveats, but no hidden execution, credential access, persistence, or exfiltration behavior.

Install only if you want AntV G2-specific chart-generation help. Review generated snippets before running them, especially raw HTML tooltip renderers and remote data or image URLs; escape untrusted values, use trusted or proxied data sources, and verify complex chart references against official G2 documentation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The document’s core description says radial maps x to radius and y to angle, but the examples and corrective guidance consistently teach the opposite mapping. In a code-generation skill, this inconsistency can directly cause the agent to emit incorrect chart code, leading to misleading visualizations and unreliable analytical output for users.

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The snippet labeled as the correct fix still omits the required `data:` key, directly contradicting the explanation and leaving readers with syntactically invalid JavaScript. In a code-generation skill, this is dangerous because users may copy the example verbatim, causing runtime or parse failures and reducing trust in generated chart code.

Intent-Code Divergence

Low
Confidence: 90%
Finding
These examples use a bare identifier/object where a `data:` property is required, which conflicts with the surrounding documentation that explains the full `data` configuration. While not a direct security exploit, it is a genuine integrity issue in the skill because it can propagate broken sample code into user projects and downstream agent-generated responses.

Missing User Warnings

Medium
Confidence: 92%
Finding
The example's `tooltip.render` returns an HTML string built with interpolated dynamic values such as `${title}`, `${name}`, `${value}`, and `${color}` without any escaping or sanitization guidance. If these values can originate from untrusted data, this pattern can lead to DOM-based XSS in applications that copy the example directly, especially because the skill explicitly teaches custom HTML tooltip rendering.

Missing User Warnings

Medium
Confidence: 91%
Finding
The document encourages browser-side remote fetching and even highlights dynamic data loading, but it does not warn that requests to third-party endpoints disclose the user's IP address and may leak referrer or other contextual metadata. In a charting skill, this can lead downstream users to embed external URLs into client-side visualizations without understanding the privacy and data-exposure implications.

Missing User Warnings

Low
Confidence: 84%
Finding
The documentation explicitly encourages binding image sources from URLs but does not mention that rendering those images causes client-side requests to external hosts. In a chart-generation skill, users may paste untrusted or tracking-controlled URLs, which can leak viewer IP address, user agent, referrer, and access timing, creating a privacy and network-exposure risk.

Missing User Warnings

Low
Confidence: 88%
Finding
The examples use external HTTPS image URLs directly, normalizing remote resource loading without disclosing privacy or policy implications. In generated chart code, this can lead downstream users to embed third-party image hosts that perform tracking or violate CSP/network restrictions.

VirusTotal

65/65 vendors flagged this skill as clean.
