clicksend

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only messaging skill, but it needs Review because it can send paid messages and mutate contact data while its provider routing and confirmation boundaries are unclear.

Install only if you intend to give the agent a SkillBoss API key that can send messages or calls and change contact data. Require explicit confirmation before any send, cancel, delete, or contact/list mutation, and verify whether requests go through SkillBoss, Prelude, ClickSend, or multiple providers before using real recipients or billing-enabled accounts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium, 87% confidence
Finding
The skill is presented as a ClickSend integration, but the examples actually send data to SkillBoss's /v1/run endpoint using a Prelude model. This mismatch can cause operators to disclose message contents, recipient phone numbers, and API credentials to an unexpected intermediary service, undermining informed consent and trust boundaries.

Intent-Code Divergence

Medium, 90% confidence
Finding
The file claims all SMS requests are routed through Prelude, while the rest of the document describes direct ClickSend API endpoints. This contradiction obscures where user data is actually sent and processed, which is security-relevant because message bodies, phone numbers, and metadata may traverse an additional third party.

Missing User Warnings

Medium, 78% confidence
Finding
The skill description advertises sending messages, making calls, and managing contacts without warning that these actions transmit sensitive personal data to external services and may incur irreversible side effects. In a messaging/contact-management skill, lack of explicit consent and external-processing notice increases the risk of accidental privacy violations or unauthorized communications.

VirusTotal

65/65 vendors flagged this skill as clean.
