leadklick

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real lead-management skill, but it asks for a full Supabase service-role key and exposes under-documented high-impact database actions.

Install only if you can dedicate or tightly isolate a Supabase project for this workflow. Treat the service-role key as highly sensitive, store it only server-side, rotate it if exposed, verify org isolation, review or remove the deleteLead capability, and ensure users have consented before their contact details and conversation content are stored or used for automated email replies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The README explicitly promotes automatic lead storage and auto-reply email triggering based on conversation content, but it does not warn users that personal data and message contents may be transmitted to third-party systems and persisted. In a lead-management skill, this omission increases the risk of privacy violations, unauthorized processing of personal data, and accidental disclosure of sensitive conversation content.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding
The README instructs users to configure a Supabase service role key, which is a highly privileged secret capable of bypassing normal client restrictions, yet it gives no warning about secure handling, server-side-only use, or compromise impact. In this skill context, misuse or exposure of that key could allow broad access to all tenant lead and conversation data, undermining the claimed isolation controls.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding
The skill handles personally identifiable information such as email, name, phone, conversation content, and custom fields, and explicitly states that this data is stored in Supabase and sent to Make.com for automation. However, the description does not warn users that lead data is persisted and transmitted to third-party services, which creates a privacy and consent risk and can lead to unintended disclosure of sensitive customer information.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The manifest explicitly requires a Supabase service role key, which is a highly privileged secret that can bypass row-level security and access or modify backend data broadly if mishandled. Although the file does label it as 'NOT the anon key!', it does not provide any warning about the security implications, scope minimization, or safe handling requirements, increasing the risk of overprivileged deployment and accidental exposure.

VirusTotal

64/64 vendors flagged this skill as clean.