drawio-generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward draw.io link generator, with the main caution that diagram content is encoded into a link for diagrams.net.

Use this for ordinary diagram generation. Avoid putting secrets, credentials, private network details, or sensitive internal architecture into diagrams unless you are comfortable opening that content through diagrams.net or sharing it in a generated link.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill instructs the agent to execute a local Python script that generates a draw.io URL, which implies outbound network-capable behavior, but no permissions are declared. Undeclared network-related capability weakens policy enforcement and review because the skill can cause data in user-provided diagram content to be embedded into a remote draw.io link without an explicit permission boundary.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The invocation description is extremely broad, covering essentially any visual representation request, which can cause the skill to activate in many contexts beyond a user's clear intent to use draw.io. Over-broad triggering increases the chance of inappropriate tool use, unexpected external link generation, and accidental exposure of sensitive diagram content to a third-party service.

Natural-Language Policy Violations

Medium
Confidence
93% confidence
Finding
The skill mandates a Chinese-language output string ('[点击查看图表](<URL>)') regardless of the user's language or locale. Forcing a specific language without consent can mislead users, reduce transparency about the destination, and make phishing-style or opaque link presentation slightly more plausible, though the direct security impact is limited.

VirusTotal

65/65 vendors flagged this skill as clean.
