Excel Generator

Security checks across malware telemetry and agentic risk

Overview

The skill has a legitimate Excel-generation purpose, but it should be reviewed because it tells agents to use a public shared password for client files and to run an unbundled local script from a fixed path.

Review before installing. Only use it if you trust and can inspect the referenced local generator script, change the output path for your own workspace, and replace the shared default password with a unique password supplied or approved by the user for each sensitive workbook.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The skill instructs operators to use a hardcoded default password ("Formly2026!") for client-delivered protected files. A shared, predictable password defeats the purpose of protection, enables unauthorized access across all generated workbooks, and introduces insecure credential handling unrelated to the core workbook-generation function.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill directs saving files to a fixed local path and creating password-protected deliverables without requiring user notice or confirmation. In an agent setting, silent file creation and security-sensitive handling of protected documents can lead to unintended data persistence, disclosure, and unsafe credential workflows.

Missing User Warnings

High
Confidence: 98%
Finding
Specifying a default password for client delivery without warning or confirmation is insecure because recipients may assume the file is meaningfully protected when it is not. In this context, the skill normalizes reuse of a known secret across deliverables, making compromise trivial if the password becomes known once.

VirusTotal

60/60 vendors flagged this skill as clean.
