Daily Brief

Security checks across malware telemetry and agentic risk

Overview

This skill openly documents a daily OpenClaw log summary sent to Telegram, but users should treat the outgoing brief as potentially sensitive operational data.

Install only if you are comfortable with recent OpenClaw operational summaries being sent to the configured Telegram chat. Use a private chat or controlled group, secure and scope the OpenClaw and Telegram tokens, redact logs that may contain secrets or private user content, and remove the cron entry when you no longer want daily delivery.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README explicitly states that gateway logs, unresolved issues, and evolver logs are summarized and pushed to Telegram, but it does not warn users that potentially sensitive operational data will leave the local system and be transmitted to a third-party messaging platform. In this context, that omission is security-relevant because admins may deploy the skill assuming it is purely local, while the skill is designed to exfiltrate internal status data to an external service.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill is explicitly designed to collect operational logs, summarize them, and send the resulting brief to Telegram, but the description does not clearly warn that sensitive runtime data may be disclosed to a third-party messaging service. Even if the final message is summarized, logs and evolution data can contain secrets, identifiers, internal errors, or other confidential operational details, making this a real information disclosure risk.

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
RESULT=$(echo "$RESPONSE" | jq -r '.choices[0].message.content // "Secretary unavailable"')

curl -s -X POST "https://api.telegram.org/bot${BOT_TOKEN}/sendMessage" \
  -d chat_id="${CHAT_ID}" \
  --data-urlencode text="${RESULT}"
```
Confidence
95% confidence
Finding
curl -s -X POST "https://api.telegram.org/bot${BOT_TOKEN}/sendMessage" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
RESULT=$(echo "$RESPONSE" | jq -r '.choices[0].message.content // "Secretary unavailable"')

curl -s -X POST "https://api.telegram.org/bot${BOT_TOKEN}/sendMessage" \
  -d chat_id="${CHAT_ID}" \
  --data-urlencode text="${RESULT}"
```
Confidence
95% confidence
Finding
https://api.telegram.org/

VirusTotal

65/65 vendors flagged this skill as clean.
