ClawHub

Meta Business CLI

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Meta Business CLI integration with powerful account actions, so it is acceptable for users who intentionally want Meta automation.

Install only if you trust the meta-business-cli package or the referenced GitHub repository and intend to let an agent operate Meta business assets. Use least-privilege Meta scopes, protect ~/.meta-cli/config.json, verify webhook.forwardUrl destinations, prefer HTTPS endpoints you control, and manually confirm sends, posts, deletes, moderation actions, and service installation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The configuration explicitly allows setting a webhook forward URL, which enables inbound message content to be transmitted to an external service without any nearby warning about privacy, consent, or sensitive data handling. In a messaging automation skill, this can expose customer conversations, identifiers, and business communications to third-party endpoints if users enable it without understanding the data flow.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This section states that inbound messages can be POSTed to an external service and that the webhook automatically processes inbound events, but it does not clearly warn about potential exposure of personal or confidential message data. Because the skill handles WhatsApp, Messenger, Instagram, and Facebook communications, the context increases the sensitivity of the forwarded content and makes silent data transmission more dangerous.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal