ClawHub

Ironclaw Outreach Sequencer

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent outreach automation tool, but it should be reviewed because it can send LinkedIn and Gmail messages on a recurring schedule without clear approval gates or account scoping.

Install only if you intend to let an agent manage real outreach. Before using it, require a dry-run preview of recipients, message bodies, channels, sending account, and schedule; confirm the DuckDB lead source and opt-out handling; and avoid enabling cron-based sends unless you have a clear pause or approval process.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger description is broad enough to auto-activate on generic requests like 'send outreach' or 'start a drip campaign,' which can cause the agent to enter a high-impact workflow without clear user confirmation. In this skill, activation leads directly to automated multi-step messaging across LinkedIn and email, so accidental or ambiguous invocation can result in unsolicited communications, privacy misuse, and reputational harm.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill automates outbound LinkedIn and email messaging using profile data from DuckDB and scheduled execution, but it does not require an explicit warning or approval gate before performing privacy- and reputation-impacting actions. Because the skill includes browser-driven LinkedIn sending, Gmail CLI sending, and cron-based recurring execution, misuse or accidental execution could contact many leads, process personal data, and create compliance or spam exposure at scale.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal