paper-report

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent academic-paper report generator that downloads or processes user-provided papers and creates local Chinese reports, with no evidence of hidden exfiltration, persistence, or destructive behavior.

Install this if you want Chinese academic-paper reading reports and are comfortable with the agent downloading paper pages or images and writing extracted files and reports in the workspace. Review URLs and PDF paths before use, and avoid private papers unless local extraction and generated report files are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Severity: Medium
Confidence: 84%
Finding: The description includes broad triggers such as summarize, read, analyze, or create a reading report for an academic paper, which can overlap with many ordinary user requests and cause the skill to activate unexpectedly. Over-broad activation increases the chance of unnecessary file/network operations and may override user expectations about tool use or output format.

Natural-Language Policy Violations

Severity: Medium
Confidence: 89%
Finding: The metadata mandates Chinese output for all uses without indicating that this should depend on user preference. This can cause the skill to ignore user language choice and produce unintended output, which is a policy/control issue even if not a direct code-execution risk.

Natural-Language Policy Violations

Severity: Medium
Confidence: 93%
Finding: The instruction explicitly requires the entire report to be in Chinese, with no opt-in or fallback to user preference. In context this is less dangerous than command execution issues, but it still creates an unwanted hard override that can conflict with user intent and downstream workflows.

Missing User Warnings

Severity: Low
Confidence: 91%
Finding: The skill explicitly instructs the agent to fetch remote HTML and image content with curl and save it into the local workspace, but it does not require user consent, disclose network access, or warn about filesystem writes. In an agent setting, silent outbound requests and local file creation can surprise users, leak metadata to third-party servers, or write untrusted content that later tooling may process.

Natural-Language Policy Violations

Severity: Medium
Confidence: 95%
Finding: The file hard-codes Chinese output requirements ('输出格式:Markdown' with Chinese-only report instructions) without indicating that this depends on user preference or locale. In a general-purpose summarization skill, forcing a language can override user intent, produce unexpected disclosures or unusable output for downstream consumers, and reduce reliability of the agent’s behavior.

VirusTotal

65/65 vendors flagged this skill as clean.