Meeting Risk Radar

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed meeting-preparation helper that optionally runs a local Python script to turn user-provided meeting material into a structured risk checklist.

Install for ordinary meeting-preparation workflows. Use redacted inputs for sensitive meetings, choose output paths deliberately, and treat results as review drafts rather than formal risk or compliance decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Context-Inappropriate Capability

Medium (90% confidence)
Authorizing shell/script execution is unnecessary for a skill whose stated role is analysis and draft generation from meeting inputs. Allowing `python3` execution expands the attack surface to command execution, local file access, and any behavior embedded in the referenced script, making prompt-to-tool escalation or script abuse materially more dangerous.

Intent-Code Divergence

Medium (92% confidence)
The skill claims a 'default read-only' boundary, but immediately permits executing a Python script that consumes input files and writes output files. This contradiction undermines the trust model and can mislead reviewers into underestimating the real ability of the skill to modify state or exfiltrate transformed local data.

Vague Triggers

Medium (92% confidence)
The README advertises broad natural-language trigger phrases such as '帮我检查这个会议有哪些风险' ("help me check what risks this meeting has") and '会前需要补哪些材料' ("what materials need to be added before the meeting"), which are common requests that can overlap with ordinary conversation. In agent environments that auto-route by trigger text, this increases the chance of accidental invocation, causing the skill to process meeting materials unexpectedly and potentially expose or over-process sensitive planning content.

VirusTotal

VirusTotal findings are pending for this skill version.
