ChatDOC Studio--KnowledgeMate

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it uploads user-selected documents to PaodingAI ChatDOC Studio and queries that service, so users should only use it with documents they are allowed to send there.

Before installing, understand that selected PDF, DOC, and DOCX files, plus retrieval/search queries, are sent to PaodingAI’s remote ChatDOC Studio service using your PAODINGAI_API_KEY. Do not upload confidential, regulated, or third-party documents unless you are authorized and comfortable with that service’s data handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill instructs users to upload local PDF/DOC/DOCX files to a remote third-party endpoint but does not prominently warn that potentially sensitive local documents will leave the user's environment. This can cause inadvertent disclosure of confidential data, especially because the skill is framed as a convenient local-file workflow and the remote transfer detail is easy to miss.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script uploads local PDF/DOC/DOCX contents and sends retrieval queries to a third-party remote API, but it provides no explicit runtime warning, consent prompt, or prominent disclosure at the point of use. In an agent-skill context, this can cause users or downstream automation to exfiltrate sensitive local documents or queries off-host without realizing the privacy and data-handling implications.

VirusTotal

63/63 vendors flagged this skill as clean.
