scholarplotskill

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: generate and edit academic figures through a disclosed external MCP service, with normal API-key and data-sharing considerations.

Before installing, users should understand that figure prompts, edit instructions, and any supplied research data may be sent to figure.thirdme.com through MCP. Keep the API key private, avoid submitting confidential or unpublished data unless the service's terms are acceptable, and, because the skill activates on the broad phrase "edit figure", phrase figure-editing requests that are not meant for ScholarPlot specifically enough that the skill is not triggered by accident.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger phrase "edit figure" is broad enough to match many ordinary user requests that are not specifically about this external ScholarPlot service. Overbroad activation can cause the skill to intercept unrelated prompts and route user content to the MCP backend, increasing the chance of unintended third-party data disclosure or inappropriate tool invocation.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs the agent to send figure descriptions and possibly exact data values to a third-party MCP service, but it does not warn users that their prompts and data leave the local environment. In a research context, those inputs may contain unpublished results, proprietary experimental data, or sensitive manuscript content, so the lack of disclosure materially increases the risk of accidental data exfiltration.
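The two findings above are the kind of thing a reviewer can check mechanically before installing a skill. The following is an added example, not part of the SkillSpector report or of the scholarplotskill code: it measures how many prompts that are not about this service a trigger phrase would activate on, and checks whether the skill text names the external host and says that data leaves the local environment. The manifest field names, the sample prompts, and the hardened variant are constructed for illustration; the real agent's trigger-matching logic is unknown and is assumed here to be at least as permissive as a case-insensitive phrase match.

```python
"""Added example: static checks for vague triggers and missing data-flow disclosure.

Not the skill's own code and not SkillSpector's implementation. The manifest
layout below is an assumed shape, the prompts are constructed, and the phrase
matcher is a stand-in for whatever matching the hosting agent really does.
"""
import re
from dataclasses import dataclass, field


# Constructed manifest modelled on the findings; field names are an assumption.
SKILL = {
    "name": "scholarplotskill",
    "triggers": ["edit figure", "scholarplot"],
    "description": "Generate and edit academic figures through the ScholarPlot MCP service.",
    "external_hosts": ["figure.thirdme.com"],
}

# Constructed hardened variant: a specific trigger and an explicit disclosure.
HARDENED_SKILL = {
    "name": "scholarplotskill",
    "triggers": ["scholarplot", "edit figure with ScholarPlot"],
    "description": (
        "Generate and edit academic figures through the ScholarPlot MCP service at "
        "figure.thirdme.com. Figure prompts, edit instructions and any supplied data "
        "are sent to that service."
    ),
    "external_hosts": ["figure.thirdme.com"],
}

# Constructed everyday prompts that are not requests for this external service.
PROMPTS_NOT_ABOUT_SERVICE = [
    "Edit figure 3 in my LaTeX file so the caption is on top",
    "Can you edit figure captions across the whole manuscript?",
    "Please edit figure references: Fig. 2 should be Fig. 3",
    "Fix the failing unit test in parser.py",
    "Summarise this paper's related-work section",
    "Edit figures 4 and 5 in the supplement to use a colourblind-safe palette",
    "Rotate the image in slide 4 by 90 degrees",
]


def matches(trigger: str, prompt: str) -> bool:
    """Case-insensitive phrase match on word boundaries, tolerating a plural 's'.
    This is an assumed, deliberately permissive stand-in for the agent's matcher."""
    words = [re.escape(w) for w in trigger.lower().split()]
    pattern = r"\b" + r"\s+".join(words) + r"s?\b"
    return re.search(pattern, prompt.lower()) is not None


@dataclass
class TriggerReport:
    trigger: str
    hits: list = field(default_factory=list)
    rate: float = 0.0


def trigger_breadth(trigger: str, prompts: list) -> TriggerReport:
    """Fraction of out-of-scope prompts on which the trigger would fire."""
    hits = [p for p in prompts if matches(trigger, p)]
    return TriggerReport(trigger, hits, len(hits) / len(prompts))


def disclosure_gaps(skill: dict) -> list:
    """Does the skill text name each external host and say data is sent there?"""
    text = skill["description"].lower()
    gaps = []
    for host in skill["external_hosts"]:
        if host.lower() not in text:
            gaps.append(f"external host {host} is not named in the skill description")
    if not re.search(r"\b(sent|transmitted|uploaded|leaves?|shared)\b", text):
        gaps.append("description does not say that prompts or data leave the local environment")
    return gaps


def review(skill: dict, prompts: list, max_rate: float = 0.1) -> list:
    """Combine both checks; an empty list means neither finding applies."""
    findings = []
    for trigger in skill["triggers"]:
        report = trigger_breadth(trigger, prompts)
        if report.rate > max_rate:
            findings.append(
                f"Vague trigger {trigger!r}: fires on {len(report.hits)}/{len(prompts)} "
                "prompts that are not about this service"
            )
    findings.extend(disclosure_gaps(skill))
    return findings


if __name__ == "__main__":
    for name, manifest in (("as scanned", SKILL), ("hardened", HARDENED_SKILL)):
        print(f"{name}:")
        for line in review(manifest, PROMPTS_NOT_ABOUT_SERVICE) or ["no findings"]:
            print("  -", line)
```

Run as scanned, the broad trigger fires on four of the seven constructed prompts and the description is flagged twice (host not named, no statement that data is sent); the hardened manifest produces no findings. The 10% activation threshold is a reviewer's choice, not a value from the report.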

VirusTotal

64/64 vendors flagged this skill as clean.
