DeepRead Form Fill

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward DeepRead PDF form-filling skill, but users should understand that PDFs and form data are sent to DeepRead’s external service.

Install only if you are comfortable sending selected PDFs and JSON form data to DeepRead for processing. Review DeepRead’s privacy, retention, and compliance terms before using it for SSNs, tax, HR, medical, legal, or financial documents; use a dedicated rotatable API key and keep signed download links and webhook endpoints private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill is explicitly designed to upload PDFs and structured JSON to a third-party service, and the examples include highly sensitive data such as SSNs, tax, insurance, and government-form content. Omitting a clear privacy and sensitivity warning can mislead users into sending regulated or confidential data without understanding retention, processing, or sharing risks.

Missing User Warnings

Medium
Confidence: 95%
Finding
The webhook feature posts job completion data, including a filled document URL and report details, to an arbitrary user-supplied external URL. Without a prominent warning, users may unintentionally exfiltrate sensitive filled-form results to third-party endpoints or misconfigured receivers, creating confidentiality and integrity risks.

Missing User Warnings

Medium
Confidence: 90%
Finding
The code uploads the entire PDF and associated form field data to an external API endpoint, but the user-facing flow does not provide an explicit runtime warning or consent check about transmitting potentially sensitive documents and PII off-host. In a form-filling skill, these files may commonly contain personal, financial, medical, or legal information, so silent transmission increases privacy and compliance risk even if the network call itself is expected functionality.

Missing User Warnings

Medium
Confidence: 93%
Finding
The script uploads the local PDF and provided form data JSON to a third-party service, which can expose sensitive personal, financial, medical, or legal information outside the user's local environment. Although the skill description implies remote processing, the script itself does not provide an explicit privacy warning, consent prompt, data classification guidance, or controls to prevent accidental transmission of highly sensitive documents.

VirusTotal

66/66 vendors flagged this skill as clean.
