文档格式刷 (Document Format Painter)

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a local document formatter that reads files you choose and writes formatted outputs, without hidden network, credential, or persistence behavior.

Use clear input and output paths, keep backups before writing over important documents, and avoid sharing generated format JSON from confidential templates because it can include local paths and short text snippets. Install python-docx only from a trusted package source if the runtime requires it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill clearly instructs execution of local scripts that read input documents and write output files, but it does not declare any permissions or constraints around filesystem access. This creates a trust and policy gap: an agent may perform file operations beyond what users expect, especially when handling arbitrary paths or sensitive local documents.

Vague Triggers

Severity: Medium
Confidence: 84%
Finding
The trigger phrases include broad everyday expressions such as '格式刷' (format painter) and '参照某文件的格式' (follow the format of a given file), which can cause the skill to activate in ambiguous contexts. Mis-triggering a skill that performs file reads/writes and format transformations can lead to unintended processing, accidental file modification, or disclosure of document contents to the skill pipeline.

Natural-Language Policy Violations

Severity: Medium
Confidence: 80%
Finding
The skill description emphasizes application of a specific regional standard (GB/T 9704-2012 official document format) without clearly framing it as optional or user-selected. This can cause unintended alteration of documents into a non-applicable format, which is primarily an integrity and usability risk rather than a direct security compromise.

VirusTotal

66/66 vendors flagged this skill as clean.