News Aggregator Skill

Security checks across malware telemetry and agentic risk

Overview

This skill behaves like a normal public-news aggregator, with expected network fetching and local report files disclosed in its instructions.

Install this if you want a news skill that fetches public web sources and writes local Markdown reports. Use it in a normal project directory, avoid deep scans for sensitive queries if third-party sites should not see your network activity, and consider pinning or reviewing the Python dependencies before installation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (9)

Context-Inappropriate Capability

Severity: Medium
Confidence: 90%
Finding: The skill mandates writing full reports to the local reports/ directory even though its primary purpose is news retrieval and summarization. Unnecessary file creation can persist sensitive prompts, retrieved content, or derived analysis on disk without user awareness, increasing data exposure and retention risk.

Vague Triggers

Severity: Medium
Confidence: 78%
Finding: The menu trigger includes vague language such as similar help/menu phrases, which can cause accidental activation of the skill's interactive flow. Ambiguous triggering increases the chance of unintended file reads or tool usage when the user did not explicitly request the skill behavior.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill requires saving reports to disk but does not warn the user that local files will be created. Silent persistence can surprise users, leave artifacts containing fetched content and analysis, and create avoidable privacy and operational risks on shared systems.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The deep-fetch feature downloads and extracts full article text from external sites without warning about expanded network activity or third-party data handling. This can expose the user's query context and cause the agent to retrieve more content than expected, raising privacy, compliance, and content-safety concerns.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding: The --deep mode causes the script to fetch every collected article URL, including third-party links from multiple external sources, without an explicit consent prompt or clear warning that additional outbound requests will occur. In an agent context, this can expose the runner's IP/network metadata to arbitrary sites and trigger unintended contact with untrusted destinations, making it a real privacy and network-safety issue even though the feature appears intended for summarization.

Vague Triggers

Severity: Medium
Confidence: 88%
Finding: The 'Global Scan' template invokes all sources at once using a very broad phrase, which can trigger unnecessarily expansive data collection and analysis. In an agent setting, this increases the risk of unintended activation, excess external requests, higher cost, and processing of content beyond what the user actually needs.

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content:
requests
beautifulsoup4
Confidence: 94%
Finding: requests

Unpinned Dependencies

Severity: Low
Category: Supply Chain
Content:
requests
beautifulsoup4
Confidence: 90%
Finding: beautifulsoup4

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

Severity: High
Category: Supply Chain
Confidence: 97%
Finding: requests

VirusTotal

64/64 vendors flagged this skill as clean.
