Security audit

Send A Custom Greeting Card

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it helps create and mail physical greeting cards, but users should know recipient addresses and card contents go through AgentPMT and mailing vendors.

Install this only if you want an agent to prepare or send physical cards. Before using send, confirm the exact recipient, address, card content, cost, and that the recipient address may be shared with AgentPMT and downstream print/mail providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill instructs the agent to collect and transmit recipient mailing address data to external print-and-mail providers, but it does not clearly warn about third-party disclosure, retention, or consent requirements. Because this workflow handles personal data and causes a real-world mailing action, the absence of explicit privacy/data-handling guidance increases the risk of unauthorized disclosure or sending without informed user approval.

Missing User Warnings

Medium
Confidence: 93%
Finding
The `send` action initiates real-world physical mail delivery and requires transmission of recipient postal address data, but the schema text does not include an explicit warning that this is an irreversible external side effect involving sensitive personal information. In an agentic context, this increases the risk of accidental mailings, privacy violations, harassment, or unauthorized use of a recipient's address if an agent invokes the action without clearly surfacing the consequences to the user.

VirusTotal

63/63 vendors flagged this skill as clean.