multi-paper-innovation-comparator

Security checks across malware telemetry and agentic risk

Overview

This paper-comparison skill is mostly local and purpose-aligned, but it also tells the agent to keep failure diaries and pursue changes to its own instructions, which deserves review before installation.

Review before installing. It appears suitable for local paper processing if you are comfortable with it reading the selected folder and writing summary, state, and extracted-text files there. Remove or ignore the self-evolution section unless you explicitly want diary logging and human-reviewed changes to the skill itself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding: The skill performs file reads and writes, including creating and updating `summ.md`, `paper_summ_state.json`, and `extracted_text/`, but does not declare those capabilities in a permission model. Hidden write capability reduces transparency and can lead to unintended modification of user data or misuse by downstream orchestration that assumes the skill is read-only.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding: The self-evolution section instructs the agent to append failure logs to persistent diary files and submit a PR to modify `SKILL.md`. These actions exceed the paper-comparison purpose and create an unauthorized self-modification path, which can be abused to persist changes, alter future behavior, or write outside the intended working set.

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding: The manifest presents a paper-comparison utility, but the body adds persistent diary logging and modification of the skill itself. This mismatch is dangerous because operators may grant trust based on the stated purpose while the skill performs broader stateful and self-altering actions not implied by the manifest.

Missing User Warnings

Medium
Confidence: 92%
Finding: The skill directs automatic creation and in-place updates of files in the user's paper folder without an explicit warning or confirmation step. Even if intended for convenience, silent modification of user directories can overwrite expectations, pollute research folders, and normalize unsafe write behavior.

Missing User Warnings

Medium
Confidence: 97%
Finding: The self-evolution section authorizes persistent diary writes and changes to `SKILL.md` without any user-facing disclosure. Because these writes are unrelated to the user task and affect future executions, they create a persistence mechanism and unauthorized code/configuration modification path.

VirusTotal

VirusTotal findings are pending for this skill version.
