ClawHub

Blogburst 3.1.2

Security checks across malware telemetry and agentic risk

Overview

BlogBurst appears to be a real marketing automation skill, but it asks for broad authority over social accounts and handles credentials and autonomous actions with too little scoping.

Install only if you are comfortable giving BlogBurst authority to publish and engage from connected social or messaging accounts. Avoid printing the API key, prefer a safer secret store or session-scoped variable over ~/.zshrc, and confirm platforms, posting frequency, auto-engagement behavior, review process, pause controls, and key revocation before enabling auto-pilot.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The README materially understates and misrepresents the skill's capabilities compared with the manifest. Users reviewing the documentation may believe the skill only generates content and discovers topics, while the published metadata describes autonomous posting, audience engagement, competitor tracking, and continuous optimization, which are higher-risk actions involving external accounts and ongoing behavior. In an agent ecosystem, this mismatch can bypass informed consent and safe deployment review.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill advertises very broad invocation phrases like 'Help me with my social media,' which can overlap with ordinary user requests and trigger the skill unexpectedly. In this context, accidental invocation is more dangerous because the skill can perform external marketing actions and account-affecting automation, not just provide passive information.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill description promotes autonomous posting, replies, likes, follows, and broadcasts to external platforms without a prominent user warning that these actions can affect connected accounts and public brand presence. That omission materially increases the risk of users enabling impactful automation without understanding that the agent may act on their behalf across multiple services.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly states that the API returns user-specific posts, analytics, and auto-pilot status, yet it provides no privacy warning that prompts and account data will be transmitted to an external service. This is dangerous because users may share sensitive business plans, unpublished content, analytics, or connected-account metadata without informed consent.

Natural-Language Policy Violations

Medium
Confidence
75% confidence
Finding
The API examples hard-code 'language': 'en' without asking the user for a preference, which can cause the skill to process or generate content in an unintended language. In a marketing automation context, that can lead to wrong-language public posts or analytics interactions that do not match the user's audience.

External Transmission

Medium
Category
Data Exfiltration
Content
echo 'export BLOGBURST_API_KEY="your-key"' >> ~/.zshrc && source ~/.zshrc
   ```
7. Say: "After that, restart OpenClaw or run `source ~/.zshrc`, then try `/blogburst` again!"
8. If the user says they've done it, verify by running: `curl -s "https://api.blogburst.ai/api/v1/usage" -H "X-API-Key: $BLOGBURST_API_KEY"`
9. If successful, say: "All set! Try these:"
   - "/blogburst turn on auto-pilot — I'll post 3x/day and engage with your audience automatically"
   - "/blogburst generate a post about [your topic]"
Confidence
88% confidence
Finding
curl -s "https://api.blogburst.ai/api/v1/usage" -H "X-API-Key: $BLOGBURST_API_KEY"` 9. If successful, say: "All set! Try these:" - "/blogburst turn on auto-pilot — I'll post 3x/day and engage with

External Transmission

Medium
Category
Data Exfiltration
Content
echo 'export BLOGBURST_API_KEY="your-key"' >> ~/.zshrc && source ~/.zshrc
   ```
7. Say: "After that, restart OpenClaw or run `source ~/.zshrc`, then try `/blogburst` again!"
8. If the user says they've done it, verify by running: `curl -s "https://api.blogburst.ai/api/v1/usage" -H "X-API-Key: $BLOGBURST_API_KEY"`
9. If successful, say: "All set! Try these:"
   - "/blogburst turn on auto-pilot — I'll post 3x/day and engage with your audience automatically"
   - "/blogburst generate a post about [your topic]"
Confidence
88% confidence
Finding
https://api.blogburst.ai/

External Transmission

Medium
Category
Data Exfiltration
Content
### Step 2: Make API Calls
When `$BLOGBURST_API_KEY` is set, you MUST use the `exec` tool to run `curl` commands against the BlogBurst API. Do NOT use web_search or any other tool as a substitute. The API returns real user-specific data (their posts, their analytics, their auto-pilot status). Web search cannot provide this.

**How to execute:** Use `exec` with `curl -s "https://api.blogburst.ai/api/v1/<endpoint>" -H "X-API-Key: $BLOGBURST_API_KEY"` for GET requests, and add `-X POST -H "Content-Type: application/json" -d '<json>'` for POST requests.

---
Confidence
90% confidence
Finding
https://api.blogburst.ai/

Session Persistence

Medium
Category
Rogue Agent
Content
- "**Twitter/X** — one-click OAuth, takes 5 seconds. I can auto-post, reply to mentions, like, and follow relevant accounts for you."
   - "**Bluesky** — enter your handle and app password. I'll auto-post and engage there too."
   - "**Telegram / Discord** — paste your bot token. I'll broadcast to your channels."
5. Say: "**Step 4 — Get your API key.** You can only create a key after completing Steps 2-3. Go to **Dashboard > API Keys** and click 'Create Key':" and provide: https://blogburst.ai/dashboard/api-keys
6. Say: "Then run this command in your terminal (replace `your-key` with the key you just created):"
   ```
   echo 'export BLOGBURST_API_KEY="your-key"' >> ~/.zshrc && source ~/.zshrc
Confidence
96% confidence
Finding
create a key after completing Steps 2-3. Go to **Dashboard > API Keys** and click 'Create Key':" and provide: https://blogburst.ai/dashboard/api-keys 6. Say: "Then run this command in your terminal (r

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal