Egatee Chat Summary

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but it retrieves private IM chat history, and its credential handling warrants review before use.

Install only if you are authorized to access the bound IM account's recent conversations. Use a least-privileged Egatee API key, avoid UAT or custom base URLs unless you trust the network and endpoint, do not set EGATEE_AUTH_TOKEN unless required, and treat all generated summaries as private chat data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
80% confidence
Finding
The skill declares no explicit permissions even though it requires environment variables and makes outbound network requests to retrieve chat history. This undermines informed consent and policy enforcement, because a user or platform reviewer may not realize the skill can access secrets and send sensitive data to an external service.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README explicitly states the skill pulls 1–7 days of IM chat history via an API, but it does not warn users that this involves access to highly sensitive conversation content or describe consent, minimization, and handling expectations. In a chat-summary skill, the absence of privacy notice and safe-use guidance increases the risk of unauthorized or overly broad collection of personal or confidential communications.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This skill processes highly sensitive private chat history and related metadata, yet the description does not prominently warn users that such data will be transmitted to and processed via an external API. Missing privacy disclosure increases the risk of unintentional exposure of personal, confidential, or regulated communications.

Credential Access

High
Category
Privilege Escalation
Content
DAY="${1:-1}"

if [[ -f ".env" ]]; then
  # shellcheck disable=SC1091
  source ".env"
fi
Confidence
91% confidence
Finding
.env"

Credential Access

High
Category
Privilege Escalation
Content
if [[ -f ".env" ]]; then
  # shellcheck disable=SC1091
  source ".env"
fi

python3 tool.py --day "${DAY}"
Confidence
84% confidence
Finding
.env"

VirusTotal

61/61 vendors flagged this skill as clean.
