Daily Market Insight

Security checks across malware telemetry and agentic risk

Overview

This market-report skill has a coherent purpose, but it should be reviewed because it runs on a daily schedule, invokes local shell tooling, writes local files, and publishes to Feishu without clear scoping or confirmation.

Install only after confirming which Feishu account, document location, and chat it will use. Run it in a dedicated project directory, verify that opencode and any git init step are acceptable there, and consider requiring manual approval before scheduled Feishu posts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The skill instructs the agent to invoke an external `opencode` CLI and to run `git init`, even though the declared capabilities are limited to web search, web fetch, and Feishu document operations. This creates an unnecessary execution surface and allows the skill to perform local command execution and repository initialization outside its stated scope, which can lead to unintended system modification or abuse if the CLI behaves unexpectedly or is influenced by untrusted inputs.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill writes reports to local storage, creates a Feishu document, and sends a group message, but it does not present a clear user-facing warning or confirmation for these side effects. In an automated daily workflow, this can cause persistent data creation and external communications without sufficiently explicit consent, increasing the risk of accidental data leakage, spam, or unauthorized modifications.

VirusTotal

66/66 vendors flagged this skill as clean.
