Biz Reporter

Security checks across malware telemetry and agentic risk

Overview

This reporting skill is coherent, but it asks for broad access to sensitive business systems and can send or schedule reports without enough scoping safeguards.

Install only if you are comfortable giving an agent access to business analytics, revenue, CRM, and social metrics. Use read-only keys where possible, choose each source explicitly, confirm exact date ranges and destinations before sending reports, and do not enable cron until you know how to review and remove the scheduled job.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The skill advertises very broad trigger phrases such as "how are we doing," "show me our metrics," and "what are our numbers," which can overlap with ordinary conversation and cause the skill to activate in contexts the user did not explicitly intend. Because this skill can access multiple sensitive business systems and aggregate analytics, revenue, CRM, and reporting outputs, unintended invocation could lead to unnecessary exposure or propagation of confidential business data.

Missing User Warnings

Medium
Confidence: 90%
Finding
The skill explicitly supports delivering reports to Slack, email, Notion, Discord, and Markdown files, but it does not require a user warning or confirmation about where sensitive business metrics will be sent. Since the skill aggregates potentially confidential revenue, customer, sales, and traffic data from several systems, sending results to external channels without clear disclosure checks increases the risk of accidental data leakage to the wrong audience or workspace.

VirusTotal

64/64 vendors flagged this skill as clean.
