ClawHub
Back to skill

Security audit

documentation-writer

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-writing skill with coherent, expected project-reading and documentation-generation behavior, though users should control any file writes and external link checks.

Install if you are comfortable with a documentation assistant reading the project files you point it at and writing generated documentation to a chosen output directory. Review generated file diffs before accepting or publishing them, and only enable external link validation when you explicitly want the agent to contact remote URLs found in the docs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The example code performs outbound HTTP requests during documentation validation by issuing HEAD requests to every external link it finds. In a documentation-writing skill, automatic network access is not strictly necessary and can leak environment metadata, trigger unexpected egress, or contact attacker-controlled URLs if untrusted documentation content is processed.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill description is very broad and can match many general documentation-related requests without clear boundaries or exclusions. In an agentic system, this increases the chance of inappropriate routing, overuse of the skill in contexts it was not intended for, and accidental access to sensitive project content during documentation generation.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The markdown example validates links by making outbound requests to arbitrary HTTP URLs extracted from generated documentation content. If that content includes attacker-supplied links, the generator can be used as an SSRF-like egress primitive or may disclose internal network reachability and execution context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal