graphviz

Security checks across malware telemetry and agentic risk

Overview

This skill only generates Graphviz diagram text and a preview link, but users should avoid putting sensitive system details into diagrams rendered with an online tool.

Install only if you are comfortable creating public or third-party-rendered diagram links. Do not include secrets, private hostnames, internal schemas, credentials, unreleased architecture, or security-sensitive details unless you intend to expose them through the generated GraphvizOnline link; use local Graphviz rendering for sensitive diagrams.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 96%
Finding
The README states that diagrams are rendered online via GraphvizOnline but does not clearly warn that user-provided content may be sent to an external third-party service. Users may include architecture, database, dependency, or security design details that are sensitive, causing unintended data disclosure outside the local environment.

Vague Triggers

Medium
Confidence: 85%
Finding
The skill description and usage guidance are broad enough to match many generic requests to 'draw' or 'visualize' content, which can cause the agent to invoke this skill in contexts where diagram generation is not the user's real intent. Over-broad routing increases the chance that sensitive user-provided content is transformed and sent to an external service unnecessarily.

Vague Triggers

Medium
Confidence: 88%
Finding
The catch-all guidance ('Any request involving diagrams, graphs, schemas, architecture visualization') is too unspecific and lacks exclusion criteria, so the skill may activate for broad classes of requests it cannot safely or appropriately handle. In this skill's context, mistaken invocation is more dangerous because the workflow always constructs a third-party GraphvizOnline URL containing the user's diagram content.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill does not disclose that user-supplied diagram content will be embedded into a GraphvizOnline URL hash and shared with a third-party web application. Users may provide internal architecture, identifiers, endpoints, or other sensitive operational details without realizing the data is being exposed outside the local agent context, making this a meaningful confidentiality risk.

VirusTotal

66/66 vendors flagged this skill as clean.
