ClawHub

WeChat Data Exporter

Security checks across malware telemetry and agentic risk

Overview

This skill openly exports internal customer WeChat data, including private-message data, but lacks clear authorization, privacy, and retention controls.

Install or run this only in an authorized Da-Mai/OpenClaw environment, and only for customers and data categories you are explicitly allowed to access. Review the private-message export carefully, add authentication and authorization checks, redact logged URLs, sanitize filenames, and define retention or secure deletion for exported files before operational use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises network access and file-writing behavior in its documentation, but the manifest declares no permissions. This creates a transparency and policy-enforcement gap: users or an execution framework may treat the skill as lower risk than it actually is, while it is intended to retrieve remote data and persist it locally.

Intent-Code Divergence

Medium
Confidence
83% confidence
Finding
The documentation claims the exporter can access backend APIs directly using only an `author` parameter and no signature, yet no implementation is provided to validate that claim. Unsupported claims about bypassing expected authentication or request signing are dangerous because they may normalize insecure backend access patterns or conceal undocumented dependencies, making review and detection harder.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill is explicitly designed to export specified customer data from an internal system, yet it gives no warning about privacy, authorization, or sensitivity of the retrieved data. In this context, the omission is significant because the skill targets identifiable customer records and encourages direct backend extraction, increasing the risk of unauthorized collection or misuse.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation describes writing exported customer data files and a JSON report to local disk without any warning about local persistence of sensitive data. This is dangerous because saved exports may remain accessible to other local users, backups, or downstream tools, extending the exposure window beyond the immediate task.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal