ClawHub

Receipt Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent receipt-organizing skill that scans user-chosen receipt folders, copies renamed outputs, and creates Excel reports without evidence of hidden access, exfiltration, or destructive behavior.

Install only if you are comfortable letting the assistant process receipt images and PDFs in folders you choose. Confirm the input and output directories, review generated filenames and the Excel report before sharing them, and prefer a sandboxed or pinned-dependency environment for untrusted receipt files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger phrases are broad common terms such as '报销', '发票', and '整理票据', which could match ordinary user conversation and invoke the skill unintentionally. Because the skill performs file scanning and renaming, accidental activation could lead to unwanted processing of local documents.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The workflow includes scanning directories, renaming files, and creating Excel reports, but the description does not clearly warn users that their files may be modified or new files written. Without an upfront warning and confirmation, users may unknowingly allow changes to important financial documents or metadata-bearing filenames.

Unpinned Dependencies

Low
Category
Supply Chain
Content
openpyxl>=3.1.0
pdfplumber>=0.10.0
Pillow>=10.0.0
Confidence
96% confidence
Finding
openpyxl>=3.1.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
openpyxl>=3.1.0
pdfplumber>=0.10.0
Pillow>=10.0.0
Confidence
95% confidence
Finding
pdfplumber>=0.10.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
openpyxl>=3.1.0
pdfplumber>=0.10.0
Pillow>=10.0.0
Confidence
97% confidence
Finding
Pillow>=10.0.0

Known Vulnerable Dependency: Pillow — 10 advisory(ies): CVE-2016-2533 (Pillow buffer overflow in ImagingPcdDecode); CVE-2023-50447 (Arbitrary Code Execution in Pillow); CVE-2021-27922 (Pillow Uncontrolled Resource Consumption) +7 more

Critical
Category
Supply Chain
Confidence
88% confidence
Finding
Pillow

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal