Invoice Chaser

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate invoice-reminder skill, but it can automate real collection emails to clients, and the key sending and reporting scripts are missing from the reviewed bundle, so their actual behaviour could not be checked.

Review before installing. Do not enable cron or live email sending until the missing chase/status/report scripts are supplied and reviewed. Use a dedicated billing email account, protect the local invoice data directory, validate invoice inputs, and require human approval before firm, final, or disputed-invoice messages are sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (80% confidence)

Finding
The skill is described in very broad terms around invoice tracking, chasing, status checks, and reporting, which increases the chance it will be invoked in ordinary accounting conversations without the user realizing that some paths can send outbound collection emails. In this context, over-broad triggering is risky because the skill automates external communications with clients and escalation logic, so an unintended invocation could result in reputational harm or accidental payment pressure.

Missing User Warnings

Medium (90% confidence)

Finding
The chase-cycle description explains that the skill sends reminder emails and escalates tone, but it does not provide a prominent warning that running the automation will contact external client email addresses. Because this skill directly interfaces with Gmail and is designed for scheduled execution, insufficient warning makes accidental outbound messaging materially more likely.

VirusTotal

66/66 vendors flagged this skill as clean.