ClawHub

Immigration

Security checks across malware telemetry and agentic risk

Overview

This immigration organizer is not malicious, but it stores sensitive immigration records locally and includes visa-specific legal-status guidance that exceeds its stated safety boundary.

Install only if you are comfortable with immigration-related details being saved locally in the OpenClaw workspace. Treat the visa-specific rights, restrictions, deadlines, and interview guidance as general, potentially outdated information; verify current rules with official government sources or a licensed immigration attorney before acting on it. Review or delete the local memory files when you no longer need them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill clearly instructs use of local files under memory/immigration/ for storing applications, documents, timelines, and interview notes, which are sensitive personal immigration records. Even though storage is local-only, undeclared file read/write capability is still a real security concern because it expands the skill's effective privileges without explicit permission disclosure and can expose or overwrite sensitive data in the workspace.

Tp4

High
Category
MCP Tool Poisoning
Confidence
80% confidence
Finding
The skill description emphasizes organizational help and strict privacy boundaries, but the documented behavior includes persistent handling of highly sensitive immigration data and visa-specific guidance that can drift into substantive, quasi-legal assistance. This mismatch is dangerous because users may rely on the skill as low-risk administrative support while it actually stores sensitive records and may influence legal-process decisions without clearly scoped safeguards.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrases are broad enough that ordinary conversation about tracking, deadlines, or document expiry could invoke this skill unintentionally. In an immigration context, accidental activation can expose or collect highly sensitive personal timeline and document data, increasing privacy and misrouting risks even if no overtly malicious behavior is present.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger phrases are broad enough to match generic requests like 'Help me prepare my application,' which can cause the immigration skill to activate for ambiguous situations. In this domain, misrouting is more sensitive because the skill handles highly personal document workflows and could prompt collection or organization of sensitive identity, financial, and civil records when the user's intent is not clearly immigration-related.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal