Improve Relationships

Security checks across malware telemetry and agentic risk

Overview

This relationship-outreach skill appears useful but needs Review because it normalizes using private communication history and inferred cultural or language attributes without clear consent or override controls.

Review this carefully before installing. Use it only with contacts and data sources you intentionally provide, verify every inferred language or cultural cue before drafting, and do not let it access message history, calendars, or social profiles unless you are comfortable with that information being used for personalization.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (13)

Natural-Language Policy Violations

Medium
Confidence: 93%
Finding
The CSV stores inferred language labels such as 'en (from email history)', 'ar (from WhatsApp history)', and 'ja (from email history)' without any indication of user choice, consent, or verification. In a relationship-intelligence skill, this can lead to privacy harm, profiling, and inappropriate outreach behavior if the system acts on sensitive inferences about a contact's language or background.

Missing User Warnings

Medium
Confidence: 90%
Finding
The example explicitly lists sensitive personal and behavioral data sources such as conversation history, contact notes, calendar events, and a shared LinkedIn tab without any visible privacy notice, consent boundary, or data-minimization framing. In a relationship-intelligence skill, normalizing broad aggregation of personal data can lead to overcollection, surprise use of sensitive context, and privacy-invasive outreach suggestions even if the skill does not send messages automatically.

Natural-Language Policy Violations

Medium
Confidence: 88%
Finding
The output presents language choice as automatically 'detected from history' and uses that detection to generate outreach drafts without showing user confirmation or recipient preference validation. This can expose sensitive inference about ethnicity, religion, or personal identity, and can cause inappropriate or revealing messages if historical language use is incomplete, outdated, or context-specific.

Natural-Language Policy Violations

Medium
Confidence: 77%
Finding
The skill fixes a contact language based on inferred history (`language_source: email_history`) without showing any user confirmation or per-message choice. That can cause privacy-sensitive inference about identity or preferences and may generate outreach in the wrong language, creating social engineering, embarrassment, or relationship harm in a skill explicitly designed for interpersonal communication.

Natural-Language Policy Violations

Medium
Confidence: 77%
Finding
Here the system appears to lock Japanese as the outreach language from prior email history without any visible opt-in or confidence gating. In a relationship-intelligence context, incorrect language choice can expose inferred ethnicity or personal assumptions, misfire culturally, and reduce the user's control over sensitive communication decisions.

Natural-Language Policy Violations

Medium
Confidence: 80%
Finding
This entry infers Arabic from WhatsApp history and pairs it with a religious observance, which increases sensitivity because it combines language and cultural/religious context. Even without automatic sending, such profiling can lead to inappropriate personalization, exposure of inferred sensitive traits, or awkward/offensive outreach if the inference is wrong.

Natural-Language Policy Violations

Medium
Confidence: 74%
Finding
The example fixes English based on text history without documenting whether the user can review or override that assumption. While less sensitive than some other entries, it still reflects unilateral profiling that may be inaccurate and can undermine consent and communication safety in a product handling personal relationships.

Natural-Language Policy Violations

Medium
Confidence: 74%
Finding
This example uses prior text history to lock English for outreach, but the schema gives no indication the user opted into language inference or can select another language for this message. In a tool that synthesizes social outreach, hidden assumptions about language increase the chance of miscommunication and privacy-invasive personalization.

Natural-Language Policy Violations

Medium
Confidence: 74%
Finding
The contact language is inferred from email history and presented as fixed, with no documented consent or override path. Because this skill ranks and drafts outreach, that assumption can propagate into automated personalization decisions that the user may not realize are based on potentially incorrect profiling.

Natural-Language Policy Violations

Medium
Confidence: 79%
Finding
This example combines inferred French from text history with a cultural observance (Nowruz), creating a stronger risk of sensitive attribute inference and culturally mismatched outreach if assumptions are wrong. In this skill context, that makes the issue more dangerous because the whole purpose is personalized relationship messaging, so inaccurate or unconsented inference directly affects real-world interactions.

Natural-Language Policy Violations

Medium
Confidence: 72%
Finding
Even for a low-priority company-news signal, the example still fixes English from email history without evidence of user choice. The impact is somewhat lower here, but the same consent and profiling concern remains because the skill operationalizes inferred communication preferences into suggested outreach behavior.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding
The template instructs the agent to draft in the language inferred from a contact's communication history, which relies on behavioral/profile data without explicit user opt-in at the point of use. Even though this file only defines drafting guidance and the skill does not send messages automatically, automatic language selection can reveal inferred personal attributes and cause privacy or appropriateness issues if the inference is wrong or unexpected.

Natural-Language Policy Violations

Medium
Confidence: 90%
Finding
The template instructs the system to draft in the language detected from a contact's communication history, which implies inferring and acting on user/contact attributes without explicit consent or a direct user request. This can create privacy and safety issues by using behavioral profiling to generate culturally or linguistically targeted outreach that the user did not explicitly approve, increasing the risk of inappropriate personalization or sensitive-attribute inference.

VirusTotal

66/66 vendors flagged this skill as clean.