ClawHub

PL Report Generator

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only financial report generator with sensitive data handling, but its access and sharing behavior is mostly disclosed and purpose-aligned.

Use least-privilege access to finance systems and spreadsheets, keep raw data out of git, review generated PDFs before sharing, and explicitly confirm recipients and channels before any email or Telegram send. For Google Sheets, use a separate output sheet or read-only credentials for source tabs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
95% confidence
Finding
The skill claims it is output-only and should never write back to source systems, yet the integration table permits Google Sheets 'Read / Write summary'. That contradiction can lead an agent or operator to treat write operations as sanctioned, creating a real risk of unauthorized modification of financial data or summary sheets in systems that may be considered source-of-truth by users.

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The skill advertises automated report distribution as a core capability and workflow step, while the safety section says there should be no automated external distribution and external sending requires explicit approval. This mixed guidance is dangerous because agents may prioritize the operational workflow over the caveat, resulting in confidential financial reports being sent externally without required human review or authorization.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal