ClawHub

Korean Invoice

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but unsafe handling of invoice text and client names could let crafted data affect the local browser or write files outside the intended output folder.

Install only if you trust the client and item data you enter. Avoid client names with slashes or dot-dot path segments, do not put HTML or script-like text in notes/items/client fields, keep the local data directory private, and confirm generated tax invoice details before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The README advertises very broad natural-language triggers such as creating quotes or issuing tax invoices without documenting any confirmation step, scope restriction, or disambiguation rules. In an agent-integrated environment, this can cause unintended execution of financial document generation from ambiguous user prompts, especially because the examples imply the agent will automatically run scripts and produce outputs.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documentation includes direct delete commands for clients and items but provides no warning, confirmation expectation, backup guidance, or recovery mechanism. In an agent setting, users may invoke these actions conversationally and trigger irreversible data loss in local business records, which is especially risky because the data store contains operational invoice/customer information.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"author": "무펭이",
  "license": "MIT",
  "dependencies": {
    "puppeteer-core": "^23.0.0"
  }
}
Confidence
89% confidence
Finding
"puppeteer-core": "^23.0.0"

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal