ClawHub

PinePaper

Security checks across malware telemetry and agentic risk

Overview

PinePaper mostly matches a canvas-design helper, but its under-explained training-data export should be reviewed before enabling.

Install only if you intend to let an agent control PinePaper. Before enabling the MCP server, verify the package source, and instruct the agent not to clear, reset, delete, or export training data unless you explicitly approve that exact action.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill documents a `pinepaper_export_training_data` capability even though the rest of the file is focused on graphics, animation, and canvas manipulation. A training-data export path can expose user-created content, prompts, labels, or other sensitive artifacts, and the documentation provides no scope limits, consent requirements, or data-classification guidance.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill advertises destructive operations such as `agent.reset({ canvas: 'tiktok' })` and `app.clearCanvas()` without any warning, confirmation, or suggestion to check save/export state first. In an agent setting, this increases the risk of unintended data loss because an automated workflow may clear or overwrite a user's canvas irreversibly or at an unexpected time.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The export section lists `pinepaper_export_training_data` with no privacy, retention, or downstream-use warning. That omission is dangerous because users or agents may treat it like a routine export, when it could package sensitive project data for model training, reuse, or external transfer.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal