ClawHub

Toingg Ops Toolkit

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates Toingg campaign operations, including calls, contact uploads, WhatsApp template sends, and optional analytics scheduling, but users should handle outreach consent and contact data carefully.

Install only if you intend to let the agent operate your Toingg account. Before using contact upload, calls, or WhatsApp broadcasts, confirm recipient consent, lawful basis, correct phone numbers, approved template and locale, and opt-out handling. Keep TOINGG_API_TOKEN private and scoped, avoid committing contact exports or API responses with personal data, and enable the analytics cron only if you want scheduled background pulls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill operationalizes bulk contact upload and WhatsApp template broadcasting but does not require any consent, lawful-basis, recipient verification, or privacy warning before outreach. In an automation context, this omission can enable unauthorized messaging, misuse of personal data from spreadsheets, and accidental spam or compliance violations at scale.

Natural-Language Policy Violations

Medium
Confidence
82% confidence
Finding
The example command hard-codes the WhatsApp template locale to en-US without instructing the operator to confirm the recipient's preferred language or the approved template locale. This can cause misdelivery, policy issues, or user harm when recipients receive content in the wrong language, especially in bulk messaging scenarios.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The workflow instructs users to upload contact lists containing names and phone numbers and then send WhatsApp templates, but it provides no guidance on consent, lawful basis, recipient expectations, rate limiting, or privacy/security handling of the exported data. This creates a realistic risk of misuse for spam, unauthorized messaging, or improper handling of personal data, especially because the steps are operational and directly executable.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
On HTTP errors, the script includes the full response body in the terminal error message. If the upstream API returns sensitive diagnostics, internal identifiers, request metadata, or echoed data, this can disclose information to users, logs, CI systems, or other observers beyond what is necessary for troubleshooting.

Missing User Warnings

Medium
Confidence
72% confidence
Finding
The script transmits personally identifiable information such as recipient name and phone number, along with a bearer-authenticated request, to a third-party external service without any explicit user warning, confirmation, or consent guard. In an agent-skill context, this can cause unintended disclosure of sensitive data if invoked on behalf of a user who does not realize that data is being sent off-platform.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal