ClawHub

paid-ads

Security checks across malware telemetry and agentic risk

Overview

This is a coherent paid-advertising skill, but it asks for live ad-account authority and customer-data workflows without enough confirmation or privacy guardrails.

Use this skill as advisory by default. Before connecting it to real ad accounts, require explicit approval for every launch, edit, pause, budget change, targeting change, and customer-list upload, and only use customer or lead data when you have appropriate consent, opt-out handling, retention limits, and platform-policy compliance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill instructs the agent to read `.claude/product-marketing-context.md`, which is a file-read capability, but no corresponding permission is declared. Hidden file access expands the skill's effective authority and can expose sensitive business context or secrets if the referenced file contains more than marketing data. In this marketing skill context, the risk is elevated because the file may include proprietary strategy, customer data, or internal positioning not necessary for every ad task.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger description includes many broad phrases such as 'audience targeting,' 'ad copy,' 'campaign strategy,' and generic platform mentions, which can cause the skill to activate in situations where the user did not intend paid-ads assistance. Over-broad invocation increases the chance the agent applies this skill's instructions, including file reads and account-oriented guidance, in unrelated contexts. Because this skill discusses direct account access and operational campaign changes, mistaken activation is more dangerous than a purely informational skill.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill states it has 'direct access to ad platform accounts' and is meant to create, optimize, and scale campaigns, but it does not require a clear warning or confirmation before actions that could spend money, alter live campaigns, or affect attribution. This creates a real risk of unauthorized or accidental account changes with financial impact, especially if the skill is auto-invoked or used by a user who assumes recommendations are read-only. In the paid advertising context, mistakes can immediately consume budget, degrade performance, or pause revenue-generating campaigns.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The guidance tells users to upload email lists for Customer Match without any warning about consent, lawful basis, or platform policy requirements for using personal data in advertising. In a paid-ads skill, this omission can normalize privacy-noncompliant audience targeting and lead users to misuse customer data, creating regulatory, contractual, and reputational risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The Meta customer list section advises uploading emails and phone numbers and refreshing them regularly, but omits any privacy, consent, retention, or permissible-use warning. Because this skill is specifically about ad audience targeting, the omission is more dangerous than in a generic marketing overview: it directly supports operational use of personal data for ad targeting without guardrails.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The checklist instructs users to upload customer lists and enable remarketing/pixel-style tracking across ad platforms without any accompanying privacy, consent, or lawful-basis guidance. In a paid ads skill, this can lead operators to collect, match, and process personal data in ways that violate platform policies or privacy laws, especially for retargeting and customer match workflows.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The lead gen form setup focuses on conversion optimization and CRM handling but omits safeguards for personal data collection, retention, sharing, and consent. Because these forms directly collect identifiable user information, the absence of privacy handling guidance increases the chance of noncompliant or overbroad data collection.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal