paper-matlab-reproduction

Security checks across malware telemetry and agentic risk

Overview

The skill largely matches its paper-to-MATLAB purpose, but it includes persistent self-improvement instructions that can change the skill itself and should be reviewed before use.

Install only if you are comfortable with a skill that creates MATLAB project files, may use web lookup for cited papers, and may run generated MATLAB code. Use a dedicated output folder, review generated scripts before execution, and remove or ignore the self-evolution diary/PR instructions unless you explicitly want the skill to propose edits to itself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium, 97% confidence
Finding
The self-evolution section authorizes the skill to modify its own definition by submitting a PR to change SKILL.md based on recent executions. That creates a self-modifying instruction channel unrelated to the paper-reproduction task and can let adversarial inputs or repeated failure cases reshape future behavior, weakening safeguards or expanding capabilities without human review.

Missing User Warnings

Medium, 89% confidence
Finding
The README states that generated MATLAB code and documentation will be written into the paper's folder by default, which can lead to unexpected creation of multiple files and directories in a user-supplied location. In a skill that accepts local paths, URLs, or uploaded files, this behavior increases the risk of unintended filesystem modification unless the user is clearly warned and asked to confirm the output location before writing.

VirusTotal

65/65 vendors flagged this skill as clean.
