Doc Summarize Pro

Security checks across malware telemetry and agentic risk

Overview

This is a local document summarizer with accuracy and local-history privacy caveats, but no evidence of hidden access, exfiltration, or destructive behavior.

Install only if you are comfortable with a local history file at $HOME/.doc-summarize-pro/history.log recording processed file paths and commands. Do not rely on translate-summary for actual translation, and verify summaries before using them for important decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 96%
Finding
The skill advertises a translate-and-summarize capability, but the implementation only echoes the original text and extracts a few sentences without performing any translation. This is a deceptive capability mismatch that can mislead users or downstream agents into trusting output as translated content, causing incorrect decisions, workflow failures, or disclosure of untranslated sensitive material to the wrong audience.

Description-Behavior Mismatch

Low
Confidence: 88%
Finding
The skill is marketed as an enhanced or smart summarizer, but the code performs only basic truncation, sentence splitting, and simple keyword matching. While this is not code-execution dangerous, it is a trust and integrity issue: users may rely on the tool for higher-quality analysis than it can provide, which can degrade decision-making in security, legal, or business contexts.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The translate-summary command name and banner imply translation is performed, but the inline note explicitly says full translation requires another tool. This contradiction increases the risk of user confusion and unsafe reliance on mislabeled output, especially in automated pipelines that may treat the result as translated text.

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill states that it stores processing history with timestamps under $HOME/.doc-summarize-pro/history.log, but it does not warn users that filenames, paths, and potentially sensitive document usage patterns may be retained on disk. On shared systems or compromised accounts, this metadata could reveal confidential project names, document locations, or user activity over time.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script persistently records every processed command and file path to ~/.doc-summarize-pro/history.log without any explicit user notice, consent, or opt-out. In a document-processing skill, file paths can reveal sensitive project names, usernames, client names, or confidential directory structures, so this creates a privacy and metadata leakage risk even though it is not overtly malicious.

VirusTotal

65/65 vendors flagged this skill as clean.
