ClawHub

Lead Outreach CRM

Security checks across malware telemetry and agentic risk

Overview

This local CRM skill is mostly coherent, but it can immediately erase all stored leads without confirmation.

Install only if you are comfortable storing lead and interaction data in the agent workspace. Back up or export important leads before using clear, and require explicit user confirmation before running that command. Treat the JSON and CSV files as sensitive business/contact data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Tp4

High
Category
MCP Tool Poisoning
Confidence
88% confidence
Finding
The documented purpose is narrow, but the analyzer reports additional behaviors including B2B/B2C lead scoring, outreach sequence generation, interaction logging, and destructive clearing. Undocumented behavioral scope is dangerous because it prevents informed user consent, can hide privacy-sensitive processing of lead data, and increases the chance an agent invokes actions the user did not expect.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The skill exposes a destructive clear command, but the documentation gives only a minimal caution and does not describe irreversibility, confirmation requirements, or backup expectations. In a CRM context this can cause accidental loss of lead and interaction history, which may disrupt operations and erase user data without recovery.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill persists lead data to a local JSON file without any explicit consent flow, retention policy, access control, or warning that potentially sensitive contact information will remain on disk. In a shared or multi-tenant environment, this can lead to unintended disclosure of personal or business contact data through filesystem access, backups, or later exports.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
Exporting all leads to a CSV on disk creates an easily portable copy of all stored contact data, but the function does not clearly warn users that a downloadable plaintext file will be written to the workspace. CSV exports increase exposure risk because they are simple to copy, share, ingest into other tools, or leave behind in accessible directories.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal