ClawHub

xlsx

Security checks across malware telemetry and agentic risk

Overview

This spreadsheet skill is mostly purpose-aligned, but its formula recalculation helper persistently changes the user's LibreOffice macro profile without clear containment or consent.

Review before installing. Use copies of important spreadsheets, avoid running recalc.py on untrusted workbooks, and be aware that the helper modifies your LibreOffice macro profile and may affect future LibreOffice use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation description is extremely broad, covering nearly any spreadsheet-related request across multiple formats and actions. Overbroad triggering can cause the skill to activate in situations where file modification or formula-recalculation behavior is unnecessary, increasing the attack surface and the likelihood of unintended file access or changes.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill gives direct instructions to create and modify spreadsheet files but does not require any user-facing warning or confirmation before changing files on disk. In practice, this can lead to silent overwrites or unanticipated edits to existing workbooks, especially because the workflow includes saving modified files as part of normal operation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script silently writes a LibreOffice Basic macro into the user's persistent profile, modifying global application state without notice or consent. In a skill that processes untrusted spreadsheets, this is more dangerous because it establishes a reusable macro entrypoint in the office suite and can affect future LibreOffice behavior outside the immediate task.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal