ClawHub

GenViral Social Media

Security checks across malware telemetry and agentic risk

Overview

The skill's visible code only formats a social post, but it declares unexplained dependencies for external posting and self-improvement.

Review before installing. The visible code is small and not destructive, static scan is clean, and VirusTotal is only pending telemetry, but the package declares posting and self-improvement dependencies that are not clearly needed. Install only if you can verify those dependencies are safe, pinned, and will not publish or retain data without explicit user approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
84% confidence
Finding
The README frames the skill as only generating social media content, but its listed dependencies indicate additional capabilities to post externally and to self-improve. This mismatch can mislead users about the actual behavior and trust boundary of the skill, increasing the risk of unintended publication or autonomous behavior beyond what operators expect.

Context-Inappropriate Capability

Medium
Confidence
80% confidence
Finding
A self-improving or learning component is not obviously necessary for a skill whose stated purpose is generating social media posts, so undocumented adaptive behavior raises risk. Such functionality can change outputs or behavior over time, potentially learning unsafe posting patterns, retaining sensitive data, or expanding actions in ways the user did not anticipate.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The dependency on `self-improving-agent` is not aligned with the stated purpose of generating social media posts and hashtag optimization. A self-modifying or self-improving agent library can introduce autonomous behavior, dynamic goal changes, or expanded access patterns that increase the attack surface and make the skill harder to reason about, especially if the package can fetch updates, alter prompts, or influence downstream actions.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README mentions a posting-related dependency but does not warn that the skill may publish content to external social platforms. In an agent setting, undisclosed outbound posting is dangerous because generated content may be automatically sent publicly, causing reputational harm, policy violations, spam, or accidental disclosure of sensitive information.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The metadata description is extremely broad ('AI powered viral SNS post generator') and does not define clear activation boundaries, allowed platforms, or operational constraints. In agent ecosystems, overly broad skill descriptions can cause unintended invocation or misuse outside the author's intended scope, increasing the chance of unsafe content generation, spam-like behavior, or policy-bypassing task routing.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal