Windows Print

Security checks across malware telemetry and agentic risk

Overview

This Windows printing helper is mostly coherent, but it can automatically send a document to the default printer after a chosen printer fails, which may expose sensitive files to the wrong device.

Review before installing if you print confidential documents or use shared office printers. Only use it when you can verify the exact files and printer, avoid broad wildcard patterns, and be aware that a failed named-printer job may be redirected to the default printer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The script accepts wildcard paths and expands them with Get-ChildItem, which can cause a single user-supplied pattern to print every matching file rather than one explicitly confirmed document. In this skill's context—printing inbound attachments or local files only on explicit user request—that behavior increases the chance of unintended bulk printing and inadvertent disclosure of unrelated sensitive documents.

Description-Behavior Mismatch

High
Confidence: 98%
Finding
If printing to the requested printer fails, the script silently falls back to the default printer, causing the document to be sent to a potentially different device than the user explicitly chose. In an enterprise setting this can expose confidential attachments to unintended recipients or shared printers, making the skill context materially more dangerous because it is designed for printing chat attachments and local documents that may be sensitive.

VirusTotal

66/66 vendors flagged this skill as clean.
