ClawHub

Meeting Minutes Pro

Security checks across malware telemetry and agentic risk

Overview

This is a coherent instruction-only skill for creating structured internal meeting minutes, with no code execution or hidden data flows.

Before using it with real meeting content, confirm the minutes are intended for the chosen audience, redact sensitive details, and make sure any transcript or recording links have appropriate access controls. Do not paste secrets or confidential material unless your organization permits using the connected LLM service for that content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs users to publish minutes and include links to recordings/transcripts, but it does not require a privacy, confidentiality, or access-control check before doing so. In internal meeting contexts, minutes and source artifacts often contain sensitive business information, participant identities, or incidental personal data, so normalizing publication without safeguards can lead to oversharing or unauthorized disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal