ClawHub

AntV Skills

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only G2 chart-code skill with some examples that need normal developer review, but no hidden execution, persistence, or data-stealing behavior was found.

Install is reasonable for G2 chart generation. Review generated code before production use, especially custom tooltip HTML, remote data fetches, and any example that saves edited chart data to a backend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (8)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The example shows a tooltip render function building raw HTML with template literals that interpolate `title`, `name`, `value`, and `color` directly into the returned markup. If any of those values can originate from untrusted data, this creates a client-side XSS sink and may let attackers inject script-bearing HTML or dangerous attributes into the page.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The document promotes remote data fetching from external endpoints but does not warn users that chart rendering may transmit data requests, IP address, referrer, and other metadata to third parties. In a skill that helps generate chart code, this omission can lead users to unknowingly embed external network calls into client-side applications, creating privacy and data-governance risk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The document explicitly promotes drag-based modification of chart data and describes scenarios like budget adjustment and manual forecast correction, but it does not warn that this interaction changes underlying values. In an agent skill context, examples are often reused directly, so omitting a warning can lead integrators to expose data-changing behavior to end users without confirmation, audit, or authorization checks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The example shows sending modified data to a server immediately after the 'element-point:moved' event via syncToServer(changeData), but provides no user-facing notice, consent flow, validation, or security guidance. This creates a realistic risk that consumers will implement silent persistence of manipulated values, enabling unintended or unauthorized changes to backend data.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The example custom tooltip renderer directly interpolates dynamic values like title, item.name, item.value, and item.color into an HTML string. If chart data can contain untrusted input, this can lead to DOM-based XSS when the tooltip is rendered, and the documentation does not warn users to escape or sanitize values before insertion. In a charting skill, this is more dangerous because examples are likely to be copied verbatim into applications that display user- or API-supplied data.

Missing User Warnings

Low
Confidence
80% confidence
Finding
The example fetches data from a third-party URL without warning that rendering the sample will initiate outbound network access and disclose the user's IP/user agent to that external host. In a chart-generation skill, users may copy and run examples verbatim, so undocumented remote fetches create a small but real privacy and supply-chain exposure.

Missing User Warnings

Low
Confidence
81% confidence
Finding
This example also performs an external fetch without disclosing network usage. While the risk is limited, undocumented remote dependencies can leak environment metadata, fail unpredictably, or expose users to changed upstream content in documentation-driven workflows.

Missing User Warnings

Low
Confidence
91% confidence
Finding
The documentation includes example code that fetches data from external URLs without explicitly warning users that running the sample will initiate outbound network requests. In an agent skill context, generated code may be copied or executed automatically, which can cause unintended data egress, privacy issues, dependency on third-party availability, or loading of untrusted content.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal