Adaptive Depth Research v6.0 Universal

Security checks across malware telemetry and agentic risk

Overview

This research skill has a legitimate purpose, but it needs review because parts of it can generate canned, falsely sourced reports and handle user input unsafely.

Install only if you are comfortable reviewing or disabling the synthesis script first. Use simple non-confidential topic names, run it in a sandbox, verify all generated reports against the source cards, and treat the automatic reports as drafts until the input sanitization, path constraints, dependency documentation, and network/privacy notices are fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Severity: High
Confidence: 99%
Finding: The script advertises a synthesis pipeline based on extracted card metadata, but the actual briefs and final report are hard-coded and do not depend on the input summaries. This creates a serious integrity and trust problem: users may act on fabricated research outputs that appear data-driven, which is especially dangerous in a research or decision-support workflow.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill explicitly documents automatic PDF downloads, web scraping, and report generation, but provides no warning that running it will initiate network requests and create local files. In an agent context, undisclosed external access and filesystem writes can surprise users, bypass informed consent, and increase the risk of unintended data transfer, policy violations, or unsafe handling of untrusted PDFs.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The script sends the user-supplied research topic directly to external services (arXiv and, later in the script, PubMed) without any privacy notice, consent step, or redaction. If users enter confidential project names, customer data, internal codenames, or regulated research terms, that information is disclosed to third parties and may be logged outside the user's control.

VirusTotal

65/65 vendors flagged this skill as clean.