Deep Research Pro v5.0.1

Security checks across malware telemetry and agentic risk

Overview

This skill has a plausible research purpose, but one bundled synthesis script can generate fixed, source-looking medical and insurance conclusions that are not actually derived from the user's inputs.

Review before installing. The extraction helpers are broadly aligned with research work, but do not rely on scripts/synthesize.sh for real analysis unless it is rewritten to derive outputs from your sources and validate citations. Avoid private PDFs unless you are comfortable with extracted text remaining in temporary files, and use safe card IDs without path characters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

High
Confidence: 98%
Finding:
The script claims to synthesize theme briefs from extracted card summaries, but instead emits hard-coded briefs that do not depend on the research inputs. In a research/reporting skill, this is a serious integrity flaw because it can fabricate evidence-backed conclusions and mislead downstream users into trusting output that appears data-driven but is not.

Intent-Code Divergence

High
Confidence: 99%
Finding:
The final report is written as a fixed, precomposed document with specific findings, dates, and recommendations, despite being presented as the output of a synthesis pipeline. This creates a deceptive provenance trail and can cause users to act on invented conclusions in a high-stakes medical/insurance research context.

Intent-Code Divergence

Medium
Confidence: 93%
Finding:
The header documents a card-clustering and report-generation workflow, but the implementation does not use the generated summary file and performs no real clustering. This mismatch is dangerous because it misrepresents the skill's behavior, undermines auditability, and can conceal fabricated outputs behind misleading documentation.

VirusTotal

65/65 vendors flagged this skill as clean.
