ai-drama-prompt-factory

Security checks across malware telemetry and agentic risk

Overview

This is mainly a creative short-drama prompt skill, but its bundled document tools can recursively index and reread broad local files if pointed at the wrong folder.

Install only if you are comfortable using it on a dedicated folder containing the novel or story files for the project. Do not point its indexing tools at your home directory, full workspace, cloud-sync folders, repositories with secrets, or private business documents. Review and delete generated index files when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
This file implements a general-purpose document/codebase indexer that can recursively scan directories, read many local files, extract content-derived metadata, and write a consolidated JSON index. That capability is materially broader than the skill's declared short-drama prompt-generation workflow, so it increases the attack surface and could expose unrelated local project data if invoked on sensitive paths.

Description-Behavior Mismatch

Medium
Confidence: 98%
Finding
The directory indexing logic performs broad recursive filesystem enumeration across many file types, reads file contents, computes hashes, and emits a structured index file. In the context of a content-generation skill, this is dangerous because it can collect and persist metadata from unrelated local files, enabling unintended data discovery or exfiltration through downstream tool use or artifact upload.

VirusTotal

64/64 vendors flagged this skill as clean.
