lead-generating

Security checks across malware telemetry and agentic risk

Overview

The skill fits its sales-lead purpose, but it needs review because it handles personal lead data with a full-power Supabase key and supports irreversible deletion without clear safeguards.

Install only if you can dedicate a tightly scoped Supabase project or schema, protect the Service Role Key, and add operational controls around privacy notice, consent or lawful basis, retention, Make.com data handling, deletion recovery, and audit logging before using it with real lead or conversation data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium, 89% confidence
Finding
The README explicitly describes capturing lead data from conversations, storing it in Supabase, and triggering third-party automation for auto-reply emails, but it provides no privacy notice, consent guidance, or data-handling constraints. In a lead-management skill processing personal data such as email, name, phone, and conversation content, this omission can lead to unauthorized collection, disclosure to external processors, and regulatory/privacy violations.

Missing User Warnings

Medium, 95% confidence
Finding
The skill handles sensitive lead personal data including email, phone numbers, custom fields, and full conversation history, and explicitly sends data to external services (Supabase and Make.com) without a clear user-facing warning or consent notice. This creates privacy, compliance, and data-governance risk because operators may deploy it without understanding that PII is being centrally stored and transmitted to third-party automation systems.

Missing User Warnings

High, 75% confidence
Finding
This method performs irreversible deletion of lead records with a single call and no application-level safeguard such as soft delete, confirmation token, audit logging, or role/permission check beyond matching org_id. If this skill is exposed to an over-permissive agent or misused by an authorized caller, records can be removed silently, causing data loss and hampering recovery or investigation.

VirusTotal

64/64 vendors flagged this skill as clean.
