Biaoshu Writer

Security checks across malware telemetry and agentic risk

Overview

The skill mostly performs bid-document generation, but it includes required AI-authorship masking and document metadata rewriting that users should review before installing.

Review before installing. Use only with bid files you are authorized to process, change output paths, use trusted package and font sources, and avoid the AI-trace removal or metadata-masking behavior for real submissions unless the tender rules and your organization explicitly allow it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill clearly describes reading bid files and writing generated Word documents, but it does not declare permissions or prominently communicate those capabilities as formal access requirements. This can cause users or hosting systems to underestimate the skill's filesystem access, increasing the risk of unintended data exposure or unauthorized local file modification.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The installation/use instructions tell users to send tender documents to the AI, but provide no warning that bid files may contain confidential business information, pricing, personnel data, or other sensitive procurement materials. In the context of a tender-writing skill, this omission is more dangerous because the primary workflow explicitly involves uploading potentially sensitive source documents to an AI system, increasing the risk of unintended disclosure or improper handling.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill specifies a fixed output path under /Users/owen/Desktop/{项目名称}/ without warning the user or indicating that local files will be written there. Writing to a hard-coded desktop path can overwrite existing content, leak sensitive procurement data into an unexpected location, or fail unpredictably on other systems.

Ssd 2

Medium
Confidence
97% confidence
Finding
The skill is explicitly framed as removing signs that text was AI-generated, which creates an evasion capability against AI-origin heuristics, review workflows, or institutional disclosure expectations. In context, this is more dangerous because the file provides systematic paraphrasing guidance aimed at preserving meaning while hiding provenance-related signals.

Ssd 2

Medium
Confidence
98% confidence
Finding
These core instructions direct semantic-preserving rewrites specifically to strip identifiable AI patterns while maintaining content, which is effectively an evasion workflow. That increases misuse potential for deceptive submission of generated text in settings where provenance, authenticity, or disclosure matters.

Ssd 2

Medium
Confidence
97% confidence
Finding
The repeated advice to inject first-person voice, emotion, uncertainty, and 'messiness' so writing sounds like a 'real person' goes beyond normal editing and supports impersonation of human authorship. In this skill context, that makes the capability more dangerous because it operationalizes deceptive stylistic masking rather than merely improving prose.

Ssd 4

Medium
Confidence
96% confidence
Finding
The document provides a comprehensive, step-by-step taxonomy for removing AI markers across content, grammar, style, and conversational traces until output passes as human-written. This systematic guidance materially lowers the effort needed to evade AI-origin review and can facilitate plagiarism, academic misconduct, fraud, or policy circumvention at scale.

VirusTotal

VirusTotal findings are pending for this skill version.
