Framework Analysis

Security checks across malware telemetry and agentic risk

Overview

The skill is mainly an analysis framework, but it automatically creates report files and sends them through Feishu without a clear per-use confirmation step.

Review before installing. Use this only if you are comfortable with automatic local report creation, an unreviewed helper script from another skill path, and Feishu delivery of the analysis. For safer use, require explicit approval before PDF generation or message sending, verify the exact destination, and avoid confidential prompts unless export and recipients are controlled.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The skill is presented as an analysis methodology, but it silently expands scope into local file generation and outbound delivery. That creates an unexpected capability boundary: analysis results may be written to disk and transmitted externally without an explicit user request, increasing the risk of unintended data handling and exfiltration.

Context-Inappropriate Capability

Medium
Confidence: 89%
Finding
The shell-based PDF generation introduces filesystem writes and script execution into a skill whose stated purpose is analytical reasoning. Even if the command is fixed, using a shell script with topic-derived filenames can create avoidable risk from unsafe path construction, unexpected local side effects, or abuse of a broader execution surface than necessary.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
Automatically sending generated output through a messaging tool introduces external data transmission unrelated to the core analytical function. If the analysis contains sensitive prompts, user data, or research results, this behavior can leak information to third-party systems or unintended recipients without a clear need-to-know or user awareness.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill directs automatic file creation after analysis without notifying the user at decision time. Silent persistence can expose sensitive analytical content on disk, surprise users in restricted environments, and create downstream privacy or retention issues because artifacts remain after the session ends.

Missing User Warnings

High
Confidence: 98%
Finding
The skill specifies automatic Feishu transmission with no clear warning or confirmation, which is a direct exfiltration risk. Outbound sharing is materially more dangerous than local formatting because it can disclose sensitive analyses to external services immediately and irreversibly.

VirusTotal

66/66 vendors flagged this skill as clean.
