Daily Fun Content (每日有趣内容)

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it searches for lighthearted Chinese content, stores a small local cache, and can be scheduled by the user.

Install this only if you want recurring web searches and local caching of generated fun content. Review the cron and HEARTBEAT examples before enabling them, and make sure the local mcporter/search tooling is trusted because the script invokes it through the shell.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The script builds a shell command string and executes it with execSync, which introduces unnecessary command-execution capability into a content-generation workflow. Although the current queries are hard-coded, this still expands the attack surface: if the CLI binary, PATH, environment, or future query inputs are influenced, the process could execute unintended commands or invoke a malicious replacement binary.

Vague Triggers

Medium
Confidence: 87%
Finding
The skill defines broad autonomous behavior such as 'search web for jokes, memes, and chat tips' and periodic sharing, but it does not bound sources, query scope, output filtering, or clear trigger/exclusion conditions. That makes the agent more likely to retrieve low-quality, unsafe, offensive, or manipulative content and act beyond user expectations during scheduled execution.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill explicitly performs network searches and writes results to a local cache file, yet it provides no user-facing disclosure, consent flow, or warning about data persistence and external fetching. In an automated cron context, this can cause unexpected outbound requests and storage of unreviewed content, increasing privacy, compliance, and content-safety risk.

VirusTotal

65/65 vendors flagged this skill as clean.
