ClawHub

Slack Controller

Security checks across malware telemetry and agentic risk

Overview

This Slack automation skill appears purpose-aligned, but it needs Review because it can take real Slack actions as you with broad permissions and limited scoping safeguards.

Install only if you are comfortable with the agent operating Slack as your logged-in account. Use explicit prompts, require manual confirmation before sending messages, uploading files, starting huddles, or sharing the screen, and avoid enabling it in sessions where sensitive local files or private screen contents may be exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This skill enables high-impact browser automation against Slack as the logged-in user, including sending messages, uploading files, changing status, and initiating screen sharing. Although the description says it acts 'as you,' it does not present a clear, explicit warning about the security and privacy consequences, which increases the risk of users invoking it without understanding that real account actions with external visibility will occur.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger examples are broad natural-language phrases that closely resemble ordinary conversation, making accidental or overly-permissive invocation more likely. In the context of a skill that can perform external Slack actions as the user, ambiguous activation can lead to unintended messages, huddles, status changes, searches, or screen sharing with real organizational impact.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill exposes message sending, huddle initiation, screen sharing, and search via browser/network automation without prominently warning that content and potentially on-screen information will be transmitted to Slack. In this context, the absence of disclosure is dangerous because these actions can leak sensitive text, metadata, or visual information to external recipients under the user's identity.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill exposes message sending, huddle initiation, screen sharing, and search via browser/network automation without prominently warning that content and potentially on-screen information will be transmitted to Slack. In this context, the absence of disclosure is dangerous because these actions can leak sensitive text, metadata, or visual information to external recipients under the user's identity.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal