Upstage Schema Generation

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherent and focused on generating document extraction schemas, but users should be aware that documents may be sent to Upstage or a VLM provider for processing.

Install only if you are comfortable using an Upstage API key and sending selected sample documents to external AI/API services. Avoid sensitive files unless your policies allow external processing, provide specific files or narrow folders, and set explicit output paths and file/page limits when needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 92%

Finding
The trigger text is broad enough to activate on generic 'generate a schema' requests, including cases unrelated to document extraction. Overbroad activation can cause unintended handling of user inputs, leading to unnecessary file access or external transmission of documents under the wrong skill context.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding
The skill instructs sending document contents, including base64-encoded PDFs, to a third-party API but does not require an explicit user-facing disclosure or confirmation. This creates a data-leakage risk, especially when users may provide sensitive business, financial, or personal documents without understanding they will leave the local environment.

Missing User Warnings

Severity: Low
Confidence: 83%

Finding
The skill directs the agent to write schema files to disk by default without clearly warning the user that a file will be created and where it will be stored. Silent file creation can expose generated artifacts in shared temp directories, create persistence the user did not expect, and increase the chance of downstream misuse or disclosure.

VirusTotal

64/64 vendors flagged this skill as clean.
