ClawHub

Auto Publisher

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for video publishing, but it can automatically post to multiple real social accounts without a final confirmation or dry-run safeguard.

Install only if you intentionally want automation to publish through your social-media accounts. Run it visibly first, specify exact platforms instead of using the all-platform default, avoid headless or scheduled use until tested, and protect or delete local account/config/log files because they may reveal account setup and posting history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill advertises and instructs use of local configuration files such as `config/accounts.json` and `config/publish_log.json`, which implies file read/write capability, yet no explicit permissions are declared. This creates a transparency and consent gap: users or host systems may not realize the skill stores sensitive authentication material and publishing history on disk.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The README explicitly states that login cookies are saved for later reuse, but it does not warn that these cookies may grant continued access to users' publishing accounts if copied or exposed. In a tool that automates posting across multiple social platforms, persistent session storage increases the risk of account takeover, unauthorized posting, and privacy leakage if the local machine or config directory is compromised.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The README promotes bulk, multi-platform, and scheduled publishing but does not clearly warn that the tool can perform real account actions automatically, potentially posting to multiple destinations or at unintended times due to configuration mistakes, stale schedules, or automation errors. Because this skill is specifically designed to act on authenticated social media accounts, insufficient warning increases the chance of accidental mass posting, reputational harm, and possible policy violations across several platforms at once.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are broad, such as 'Auto-post this video' and '批量上传视频', without confirmation requirements, target-platform scoping, or safeguards against accidental invocation. In a skill that performs account-impacting social media publishing, overly broad triggers increase the risk of unintended uploads or cross-platform posting.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This skill performs sensitive actions on behalf of user social-media accounts, including uploads, scheduled posting, and local cookie storage, but the description only provides minimal security notes and lacks prominent warnings about privacy, account consequences, and irreversible publishing actions. Users may not understand that automation can expose account data, retain credentials locally, or publish content to multiple platforms with reputational and business impact.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script automates final submission clicks to external platforms immediately after filling forms, with no explicit confirmation, dry-run mode, or approval checkpoint. In a bulk multi-platform publisher, this increases the risk of unintended uploads, reputational damage, accidental policy violations, and publication under the wrong account if inputs or page state are incorrect.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal