Visual Note Card Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent visual note-card generator, but its generated HTML can contact third-party services for fonts and browser export.

Install if you are comfortable with generated HTML loading Google Fonts and a CDN export script. Avoid using confidential source material unless you remove or vendor those remote dependencies first, and confirm the desired output language when prompting.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding:
The template imports Google Fonts at render time, which means opening the generated HTML causes outbound network requests and leaks viewer metadata such as IP address, user agent, and referrer context to a third party. This contradicts the skill's description of producing a self-contained artifact and creates both privacy risk and supply-chain dependence if the remote asset changes or becomes unavailable.

Description-Behavior Mismatch

Medium
Confidence: 99%
Finding:
Loading html2canvas from a third-party CDN introduces a script supply-chain risk: any compromise of the CDN, upstream package, or delivery path would execute arbitrary JavaScript in the page context. Because this page handles export and DOM access, a malicious script could exfiltrate content, alter output, or perform unexpected network activity whenever the generated file is opened.

Missing User Warnings

Medium
Confidence: 88%
Finding:
The README says output is self-contained while also noting dependence on Google Fonts and html2canvas CDN, but it does not clearly warn users that opening generated HTML may trigger outbound network requests. This can leak metadata such as IP address, user agent, and usage timing, and it weakens assumptions about offline or privacy-preserving use.

VirusTotal

66/66 vendors flagged this skill as clean.
