ClawHub

visual-note-prompt

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only prompt helper for turning notes into visual-card image prompts, with no evidence of hidden data access or code execution.

Safe to install as a prompt-formatting helper. Review generated prompts before sending them to an image generator, especially if you do not want the fixed Chinese handwriting instructions, series labels, or “By 八点虾” attribution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger conditions are broad and lack explicit invocation phrases or exclusions, so the skill may activate for loosely related requests and override normal assistant behavior. In an agent setting, over-broad routing can cause unintended prompt transformation, reduced task fidelity, and accidental processing of content the user did not intend to send through this skill.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
The template forces Chinese handwritten text and a fixed Chinese author signature without checking user language or locale. This is primarily a policy and safety-of-operation issue: it can cause unwanted content insertion, mislocalized output, and brand/attribution text the user did not request.

Natural-Language Policy Violations

Medium
Confidence
83% confidence
Finding
The multi-image template repeats the same hardcoded Chinese output and fixed signature requirements, extending the issue across all generated images. This increases the chance of unwanted text injection and poor localization, especially for non-Chinese users or systems expecting neutral output.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal