Cross Bot Communication

Security checks across malware telemetry and agentic risk

Overview

This skill is not clearly malicious, but it should be reviewed because it automatically maps Telegram group/channel relationships and can relay messages without clear user controls.

Review before installing. Use a dedicated low-privilege Telegram bot token, restrict scans to specific groups/channels you approve, require a visible preview and confirmation before messages are sent, and ensure any relationship table can be reviewed and deleted. Avoid granting admin rights unless necessary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium, 90% confidence

Finding
The README explicitly describes automatic scanning of existing groups/channels and construction of a relationship table, but does not disclose privacy implications, consent expectations, retention, or access controls for the collected social-graph data. In a messaging/agent context, silently enumerating memberships and persisting owner/bot/group mappings can expose sensitive relationship metadata and create unauthorized surveillance concerns.

Missing User Warnings

Medium, 88% confidence

Finding
Presenting the skill as 'zero-configuration' and 'automatic' downplays that it may auto-bind identities and persist relationship data derived from user/group context. That framing increases the chance that operators enable behavior without understanding that social-context metadata is being inferred and stored, which can lead to privacy violations or unexpected state changes.

Missing User Warnings

Medium, 95% confidence

Finding
The skill explicitly describes automatic scanning of existing groups and channels to build a social relationship map, but it provides no user-facing notice, consent step, scope limitation, or retention policy. In an agent context, this can expose membership and relationship metadata without informed user approval, creating privacy and data-minimization risks.

Missing User Warnings

Medium, 93% confidence

Finding
The skill describes sending messages to a target bot through subagents but does not warn that user content or metadata may be transmitted to third-party bots or channels. This creates a real outbound disclosure risk because users may not realize their requests are being relayed externally, potentially exposing sensitive information or identities.

VirusTotal

65/65 vendors flagged this skill as clean.