Whiteboard Video Workflow

Security checks across malware telemetry and agentic risk

Overview

This skill fits its whiteboard-video purpose, but it automatically runs dependency setup from another skill and sends subtitle-derived prompts to RunningHub, so users should review it before installing.

Install only if you trust this skill and the separate whiteboard-animation skill it invokes. Prefer running dependency setup in a sandbox or virtual environment, use a revocable RunningHub API key, keep output paths inside your workspace, and avoid confidential subtitles unless third-party image processing is acceptable.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Missing User Warnings

Medium
Confidence: 96%
Finding
The environment precheck explicitly says the script will automatically detect and install fixable dependencies, meaning the workflow may modify the local Python environment before obtaining clear user consent. Automatic package installation through a shell-invoked script expands the attack surface and can unexpectedly change system state, especially if dependency sources, versions, or install scope are not constrained and disclosed.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill directs the agent to use an external API key, transmit user-provided prompts to a third-party image generation service, and download/write files locally, but it does not require explicit user consent or a warning about those side effects. In an agent context, this can cause unintended disclosure of sensitive prompt content and unexpected filesystem changes, especially when the user may believe the operation is local-only.

Missing User Warnings

Medium
Confidence: 81%
Finding
The skill instructs the agent to write files under a user-controlled projectRoot and later execute a local Python script, but the documentation does not explicitly surface these filesystem and subprocess side effects. In an agent setting, lack of clear side-effect disclosure increases the risk that users or orchestrators invoke the skill without understanding it will modify disk state and launch code, which can amplify damage if inputs point to sensitive locations or if downstream execution is unexpectedly trusted.

VirusTotal

66/66 vendors flagged this skill as clean.
