ClawHub

Four Dimensional Deep Reading

Security checks across malware telemetry and agentic risk

Overview

This skill analyzes books, saves reports locally, and optionally exports to Notion in ways that are mostly disclosed and aligned with its purpose.

Install only if you are comfortable with book titles and queries being used for external lookups, reports being saved under workspace/reports, fetched metadata being cached, and any Notion export sending selected report content to your Notion workspace. Do not use it on confidential manuscripts or private documents unless you disable/avoid external lookup and export paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
84% confidence
Finding
Using a broad trigger like `summarize` can cause the skill to activate on ordinary user requests that were not intended for this workflow. In this skill, activation can lead to web retrieval, file handling, parallel subagents, and automatic report saving, so accidental invocation increases privacy and data-handling risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill repeatedly states that reports and fetched content are automatically saved to workspace paths, but it does not clearly warn users that their uploaded files, derived analyses, and possibly retrieved materials will persist on disk. This creates a real confidentiality and retention risk, especially for private documents or copyrighted content users may assume is processed ephemerally.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill describes automatic searches across third-party services such as Douban, Goodreads, Amazon, Zhihu, and others without clearly telling users that book titles, author names, or other query terms may be transmitted externally. For sensitive reading interests or confidential document-derived queries, this can leak user intent and metadata to outside platforms.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The Notion export function transmits user-supplied report content and derived flashcards to Notion's remote API, but the network transfer occurs implicitly inside a utility function with no consent prompt, warning, or explicit disclosure at the call site. In a skill that may process sensitive reading notes or reports, this creates a real privacy and data-handling risk because users or downstream callers may not realize local content is being exfiltrated to a third-party service.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal