Invoice Engine

Security checks across malware telemetry and agentic risk

Overview

This is a coherent invoicing assistant, but it includes automatic billing and client-reminder workflows that can affect customers and business records without strong approval controls.

Install only if you are comfortable using it for real billing workflows. Keep the YAML client and invoice files in a private workspace, avoid storing unnecessary tax or payment details, and require manual review before enabling auto-send, overdue reminders, cron jobs, or any client-facing invoice communication.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (5)

Missing User Warnings

Medium
Confidence: 85%
Finding
The README advertises recurring billing and overdue reminder automation without clearly warning that the skill may generate invoices or customer communications automatically. In a financial workflow, unclear disclosure can lead to unintended billing actions, accidental customer contact, and mishandling of sensitive client/payment data if users assume the skill is advisory rather than action-capable.

Vague Triggers

Medium
Confidence: 88%
Finding
The trigger phrase "create an invoice" is broad enough to activate in ordinary conversations without confirming that the user intends to use this specific billing workflow. In a financial skill, accidental activation can cause the agent to collect sensitive billing data or begin drafting records that the user did not explicitly want handled through persistent workspace files.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill instructs the agent to maintain persistent YAML records containing client names, contact details, addresses, tax IDs, payment history, and revenue metrics, but does not warn the user that this sensitive business and personal data will be stored in the workspace. This creates privacy, data retention, and confidentiality risks, especially in shared or insecure environments.

Missing User Warnings

Medium
Confidence: 90%
Finding
The recurring invoice routine allows `auto_send = true` and instructs the agent to notify clients automatically, but it does not require manual approval or clearly warn the user that external messages may be sent without review. This can lead to erroneous invoices or unintended outbound communications that have contractual, reputational, and financial consequences.

Missing User Warnings

Medium
Confidence: 91%
Finding
The overdue management section defines an automated collection cadence with escalating reminder language, but provides no mandatory human review gate or explicit caution about the business impact of sending collections messages. Incorrect or premature reminders could damage client relationships, escalate disputes, or create legal/compliance issues depending on jurisdiction and contract terms.

VirusTotal

64/64 vendors flagged this skill as clean.
