ClawHub

CPMO 日报自动化

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates daily reports, but it would repeatedly read sensitive local work data and sync it to a fixed Feishu destination with limited user controls.

Install only if you specifically want this CPMO workflow to read the named local Apple Notes, Calendar, reminders, and ledger data and sync daily summaries to the listed Feishu base. Before enabling cron automation, confirm the Feishu destination belongs to you or your organization, review what will be included, and add approval/redaction rules for sensitive notes, meetings, reminders, risks, and pending items.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly reads sensitive personal and work data from Apple Notes, Calendar, reminders, local files, and then transmits derived content to Feishu, but it provides no explicit privacy notice, consent boundary, data minimization rule, or approval step before exfiltrating information. This is dangerous because the sources may contain confidential schedules, project details, personal reminders, and risk logs, and the automation is designed to aggregate them on every run.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to modify user-controlled data stores by appending to Apple Notes and creating or updating Feishu records, yet it does not require explicit confirmation or warn the user that persistent records will be changed. This creates a risk of unauthorized data modification, accidental corruption/duplication, and silent propagation of sensitive work summaries into external systems.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal