Pitch Screener

Security checks across malware telemetry and agentic risk

Overview

This skill is a purpose-aligned pitch deck screening helper, but users should understand that decks are sent to SoMark and extracted company/founder details may be used in web searches.

Install only if you are comfortable sending pitch decks to SoMark and using external search for company and founder research. Avoid NDA-protected or highly confidential decks unless SoMark's privacy, retention, and security terms meet your requirements. Protect SOMARK_API_KEY as a secret, and remember that parsed outputs are written to the chosen local directory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
97% confidence
Finding
The skill uses sensitive capabilities including environment-variable access, file read/write, and network activity, but does not declare permissions explicitly. That creates a transparency and governance gap: users and enforcement layers may not realize the skill can access local files, use API keys, and transmit deck-derived data to external services. In this context, the risk is amplified because pitch decks often contain confidential business information and founder identities.

Tp4

High
Category
MCP Tool Poisoning
Confidence
93% confidence
Finding
The documented behavior promises parsing, independent web research, and an investment memo, but the detected implementation apparently only covers parsing. This mismatch is security-relevant because users may rely on claimed verification steps that never occur, leading to unsafe trust in unverified investment conclusions, and it also obscures the skill's real data handling behavior. Misrepresentation of functionality is especially risky in workflows involving sensitive corporate documents and decision support.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad enough to activate on common language like 'screen this pitch deck' or 'background check on this founder team,' which may cause the skill to run unexpectedly in unrelated or underspecified contexts. Unintended activation matters here because it can initiate file processing and external research on sensitive startup information without sufficiently explicit user intent. The skill's use of networked third-party services makes accidental invocation more concerning than for a purely local, read-only tool.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill instructs the agent to search for company, founder, customer, partner, and competitor information derived from the uploaded deck, but it does not clearly warn that this may disclose sensitive deck-derived entities to external services. For confidential fundraising materials, even the company name, founder names, customer logos, or claimed metrics can be material nonpublic information. This creates a meaningful privacy and confidentiality risk in exactly the kind of high-sensitivity business context the skill targets.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script transmits the entire pitch deck and API key to a third-party service, which can expose confidential business information, founder details, and other sensitive data if users are unaware of the upload. In this skill context, decks are often highly sensitive, so silent external transmission materially increases privacy and confidentiality risk.
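The Lp3 finding and the finding directly above both come down to the same thing: capabilities a script exercises without declaring them, namely environment-variable reads, file writes, and outbound network calls that carry the deck and the API key. The following is an added example, not code from the Pitch Screener skill, from SoMark, or from SkillSpector, of how such a gap can be detected statically with Python's ast module. The embedded script is a constructed stand-in for the kind of parser the findings describe; the capability names (env:read, fs:read, fs:write, network:egress, process:exec), the CALL_CAPABILITIES table, and the manifest format (a plain list of declared capabilities) are assumptions of the example.

```python
import ast
from typing import List, Set

# Constructed sample of the pattern the findings describe: read an API key from
# the environment, read a deck from disk, post both to a remote service, write the
# parsed result locally. Hypothetical names and URL; not the skill's own code.
SAMPLE_SCRIPT = '''
import os
import requests

API_KEY = os.environ["SOMARK_API_KEY"]

def parse_deck(path, out_dir):
    with open(path, "rb") as fh:
        deck = fh.read()
    resp = requests.post("https://api.example.invalid/parse",
                         headers={"Authorization": API_KEY},
                         files={"file": deck})
    with open(os.path.join(out_dir, "parsed.json"), "w") as fh:
        fh.write(resp.text)
'''

# Dotted call names (as written in source) and the capability each one implies.
# This table is an assumption of the example; extend it for the libraries you allow.
CALL_CAPABILITIES = {
    "os.getenv": "env:read",
    "os.environ.get": "env:read",
    "requests.post": "network:egress",
    "requests.get": "network:egress",
    "urllib.request.urlopen": "network:egress",
    "http.client.HTTPSConnection": "network:egress",
    "subprocess.run": "process:exec",
    "subprocess.Popen": "process:exec",
}


def _dotted_name(node: ast.AST) -> str:
    """Render an attribute chain such as os.environ.get as a dotted string."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""


def _open_mode(call: ast.Call) -> str:
    """Return the mode string passed to open(), defaulting to 'r' like the builtin."""
    if len(call.args) >= 2 and isinstance(call.args[1], ast.Constant) \
            and isinstance(call.args[1].value, str):
        return call.args[1].value
    for kw in call.keywords:
        if kw.arg == "mode" and isinstance(kw.value, ast.Constant):
            return str(kw.value.value)
    return "r"


def detect_capabilities(source: str) -> Set[str]:
    """Statically infer the capabilities a Python script exercises."""
    caps: Set[str] = set()
    for node in ast.walk(ast.parse(source)):
        # os.environ["KEY"] is a subscript, not a call, so handle it separately.
        if isinstance(node, ast.Subscript) and _dotted_name(node.value) == "os.environ":
            caps.add("env:read")
        elif isinstance(node, ast.Call):
            name = _dotted_name(node.func)
            if name in CALL_CAPABILITIES:
                caps.add(CALL_CAPABILITIES[name])
            elif name == "open":
                mode = _open_mode(node)
                caps.add("fs:write" if any(c in mode for c in "wax+") else "fs:read")
    return caps


def undeclared_capabilities(source: str, declared: List[str]) -> List[str]:
    """Capabilities the script uses that the manifest does not declare."""
    return sorted(detect_capabilities(source) - set(declared))


if __name__ == "__main__":
    # A manifest that only admits to reading files leaves three capabilities undeclared.
    for cap in undeclared_capabilities(SAMPLE_SCRIPT, ["fs:read"]):
        print("undeclared:", cap)
```

Matching on dotted names as written is a floor, not a ceiling: `from requests import post`, `getattr`-based dispatch, or a shelled-out `curl` all slip past it, so treat an empty result as "nothing obvious" rather than "nothing". The useful signal for a finding like Lp3 is the difference between what the manifest declares and what the code does, which is what `undeclared_capabilities` reports.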

VirusTotal

64/64 vendors reported this skill as clean (no detections). A clean antivirus verdict does not bear on the findings above, which concern the skill's documented data handling rather than malicious code.