Local File

Security checks across malware telemetry and agentic risk

Overview

The skill reads local documents as advertised, but its file-access boundary is too weak and broad for the sensitivity of local files.

Install only if you are comfortable granting this third-party skill access to local file contents. Before trusting it broadly, remove or replace the hardcoded D:\个人 allowlist, require explicit user-approved paths, enforce real path containment with resolved absolute paths, and implement the promised 10MB limit.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrases are broad enough to match common user requests like reading or opening files, which can cause the skill to activate in situations the user did not explicitly intend. In a file-access skill, unintended activation increases the chance of exposing local file contents or prompting the agent to access sensitive paths under ambiguous authorization.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"node": ">=18.0.0"
  },
  "dependencies": {
    "mammoth": "^1.6.0",
    "pdf-parse": "^1.1.1"
  },
  "devDependencies": {
Confidence
90% confidence
Finding
"mammoth": "^1.6.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
},
  "dependencies": {
    "mammoth": "^1.6.0",
    "pdf-parse": "^1.1.1"
  },
  "devDependencies": {
    "eslint": "^8.56.0"
Confidence
90% confidence
Finding
"pdf-parse": "^1.1.1"

Known Vulnerable Dependency: mammoth==1.6.0 — 1 advisory: CVE-2025-11849 (Mammoth is vulnerable to Directory Traversal)

Low
Category
Supply Chain
Confidence
97% confidence
Finding
mammoth==1.6.0

VirusTotal

66/66 vendors flagged this skill as clean.
