Web Slides

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local HTML slide-deck generator with expected local script and optional Chrome preview behavior, and no evidence of hidden data access or malicious activity.

Install if you are comfortable running local Node-based generation tools and optional Chrome preview rendering. Pin or review the external npm dependency before global installation, keep CHROME_BIN pointed at a trusted browser, and avoid preview-rendering arbitrary untrusted HTML.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The function executes a local binary with a path that can be overridden via the CHROME_BIN environment variable. Although execFileSync avoids shell injection, an attacker who can influence the environment can cause arbitrary executable invocation under the agent's privileges, which is a real command-execution risk. In this skill context, rendering untrusted HTML via a browser also increases exposure because the launched process may access local files due to --allow-file-access-from-files.

Natural-Language Policy Violations

Medium
Confidence: 87%
Finding
The workflow hard-codes Chinese output ('输出单文件 HTML 演示文稿', meaning "output a single-file HTML presentation") without checking the user's language preference or allowing opt-in. In an agent setting, this can cause unwanted language switching, degrade usability, and increase the chance the model ignores explicit user instructions about output language or audience requirements.

VirusTotal

65/65 vendors flagged this skill as clean.
