LegalDoc AI

Security checks across malware telemetry and agentic risk

Overview

LegalDoc AI is a coherent legal-document tool, but users should treat its privacy, compliance, and deadline outputs carefully before using real client matter data.

Install only after verifying the publisher/source and any claimed SOC 2, HIPAA, GDPR, privilege, or enterprise terms. Use least-privilege API keys, avoid sending privileged facts to external research services, protect or periodically delete the local ~/.legaldoc deadline database, and independently verify all extracted clauses, summaries, citations, and deadlines before using them in legal work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (6)

Missing User Warnings

Severity: Medium
Confidence: 90%
The README promotes integrations, notifications, and handling of legal matters while making strong security/compliance claims, but it does not clearly warn users that enabling third-party services or misconfigured deployments can expose privileged, confidential, or regulated legal data. In the context of legal workflows, silent data sharing to Slack, email, Teams, SMS, cloud storage, or external research providers can create serious confidentiality, privilege, and compliance risks.

Missing User Warnings

Severity: Medium
Confidence: 88%
The README encourages users to analyze contracts, acquisition agreements, discovery documents, and case files without a prominent warning to avoid submitting privileged, confidential, or regulated documents unless privacy, deployment, and retention settings have been validated. Because this skill is specifically aimed at law firms and attorney-client material, users may assume all use is safe and inadvertently disclose highly sensitive information.

Missing User Warnings

Severity: Medium
Confidence: 95%
The skill advertises deadline alerts via email and Slack webhooks but does not warn users that matter descriptions, dates, and related legal metadata may be transmitted to third-party systems. In a legal context, even seemingly limited deadline data can reveal confidential client relationships, litigation activity, or privileged work product, increasing privacy, confidentiality, and compliance risk.

Missing User Warnings

Severity: Medium
Confidence: 87%
The manifest requests sensitive capabilities including file_write, network_http, and multiple API keys, but the user-facing description does not disclose that uploaded legal documents may be transmitted over the network or modified/written locally. In a legal-tech context, this omission is material because users may process privileged or regulated client data and reasonably expect explicit notice before data leaves the local environment or is stored elsewhere.

Natural-Language Policy Violations

Severity: Medium
Confidence: 97%
The code hard-codes California statute-of-limitations rules and even labels them as defaults, but it still exposes a generic deadline calculator without enforcing jurisdiction selection, displaying strong warnings, or preventing use in other locales. In a legal deadline tool, silently applying the wrong jurisdiction can cause users to rely on incorrect filing deadlines, creating serious legal and operational harm even though this is not a code-execution issue.

Missing User Warnings

Severity: Medium
Confidence: 92%
The tool sends the user's legal research query to CourtListener over the network without any explicit disclosure, consent, or redaction step. Legal queries can contain privileged facts, client names, litigation strategy, or other sensitive matter data, so this creates a real confidentiality and privacy risk even though the destination is a legitimate legal research API.

VirusTotal

64/64 vendors flagged this skill as clean.