ClawHub

Compensation Repo

Security checks across malware telemetry and agentic risk

Overview

This is a coherent HR compensation and payroll precheck skill, but it handles confidential employee data and generated files should be protected.

Install only for HR teams that intend to process China-oriented compensation or payroll precheck data. Use the minimum necessary fields, mask national ID and bank details where possible, choose a restricted output folder, limit sharing of generated DOCX/CSV/JSON files, and delete exported packets when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The default prompt broadly instructs the system to use this skill for compensation decisions or filing prechecks without defining clear triggering boundaries, approval conditions, or input constraints. In an HR/payroll context, this can cause over-invocation of the skill on sensitive employee and payroll data, increasing the chance of incorrect automated guidance, privacy exposure, or reliance on the assistant for regulated filing decisions.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly instructs users to provide payroll declaration lists, tax/social insurance/housing fund filing fields, employee status, and legal-entity/payment-location data, but does not warn about the sensitivity of personal and compensation information or recommend data minimization/redaction. In an HR/payroll context, this increases the likelihood that users will paste highly sensitive personal and salary data into the system unnecessarily, creating privacy, compliance, and unauthorized disclosure risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script writes multiple files containing highly sensitive payroll and personal data to disk, including employee names, IDs, bank-account-related status, tax/social-insurance status, and compliance risk summaries, without any access-control checks, encryption, minimization, or warning to the operator. In an HR/payroll context, this materially increases the chance of privacy breaches, unauthorized local access, accidental sharing, or retention of regulated employee data in insecure locations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal