Verify Claims

Security checks across malware telemetry and agentic risk

Overview

This fact-checking skill is mostly coherent, but it can automatically create later follow-up tasks and store the user’s original claim without clear prior consent.

Install only if you are comfortable with web-based fact-checking and with the possibility of scheduled follow-ups. For sensitive political, medical, legal, or personal claims, do not allow follow-up scheduling unless the agent first asks permission and explains what will be stored, for how long, and how it can be cancelled or deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium (92% confidence)
Finding
The skill instructs the agent to schedule follow-up checks and proactively notify the user later, which expands behavior from one-shot fact-checking into persistent tasking. That creates unauthorized statefulness and possible re-contact without explicit user consent, increasing privacy and product-scope risk even though the functionality is framed as helpful.

Context-Inappropriate Capability

Medium (96% confidence)
Finding
The skill explicitly says to store the user's original query, claims, and context for later execution. This introduces retention of potentially sensitive user content beyond the immediate verification task, which can expose personal data or sensitive interests if stored, reused, or surfaced later without clear consent and safeguards.

Missing User Warnings

Medium (94% confidence)
Finding
The skill tells the agent to schedule a future fact-check and notify the user, but it does not require an upfront warning that data may be retained or used later. This creates a transparency and consent gap: users may not realize their request will persist beyond the current interaction or that they may be contacted again based on stored context.

Missing User Warnings

Medium (97% confidence)
Finding
Automatic storage of the original query, claims, and context for scheduled tasks lacks any clear user-facing warning or consent mechanism. Because claim-verification requests can contain sensitive political, medical, or personal topics, retaining them silently increases privacy risk and can violate expectations about ephemeral processing.

VirusTotal

66/66 vendors flagged this skill as clean.
