Academic Paper Reading Skill (Paper Reader)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This appears to be a paper-reading skill with over-broad auto-trigger behavior, but the risky behavior is mostly disclosed and aligned with analyzing user-provided papers.

Install if you want a Chinese-oriented academic paper reading assistant. Before using it, be aware that it may process an entire provided paper automatically; use explicit instructions when you only want a narrow question answered, and avoid uploading confidential or restricted documents unless full analysis is intended.

SkillSpector (3)

By NVIDIA

Vague Triggers

Medium
Confidence: 91%
Finding: The skill description defines very broad applicable scenarios such as providing a PDF path, sending screenshots, asking about paper content, or requesting explanation of a term or paragraph. This can cause the skill to auto-trigger on ordinary academic questions where the user did not explicitly ask for full-document processing, leading to over-collection of content and unintended workflow execution.

Vague Triggers

Medium
Confidence: 95%
Finding: The instruction '当用户提供论文文件时,自动进入以下流程,无需用户额外提示' (in English: "When the user provides a paper file, automatically enter the following workflow, with no additional prompt from the user required") mandates automatic execution without confirming scope, output format, or user intent. Ambiguous auto-invocation can cause the agent to perform costly or privacy-sensitive processing on uploaded documents even when the user only intended a narrow question, increasing risk of unintended actions and excessive data handling.

Natural-Language Policy Violations

High
Confidence: 88%
Finding: The core principle requires producing a Chinese paper-reading document, which effectively fixes the output language without asking the user’s preference. While not a classic code-execution issue, this can override user intent, create accessibility problems, and lead the agent to transform content in ways the user did not request, especially in multilingual or compliance-sensitive contexts.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

64/64 vendors flagged this skill as clean.
