ClawHub

go-now

Security checks across malware telemetry and agentic risk

Overview

This travel-planning skill is mostly coherent, but it automatically looks up the user's IP-based location through third-party services and creates local HTML output without clear prior consent.

Review before installing. Prefer giving your departure city manually, do not allow automatic IP location lookup unless you are comfortable contacting those services, and avoid putting license plates, avatar URLs, or companion details into generated posters unless you intend to store or share them. Confirm the save path and browser opening before letting it create local HTML files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The skill instructs the agent to automatically call third-party IP geolocation services at conversation start and use the derived city without first asking the user. This collects and discloses location-related personal data to external services beyond what is necessary for a travel-idea assistant, creating an unnecessary privacy and data-sharing risk.

Context-Inappropriate Capability

High
Confidence
95% confidence
Finding
The skill tells the agent to write a file to the local Desktop and automatically open it in a browser, which exceeds the expected scope of a conversational travel assistant. Unprompted filesystem writes and automatic application launches can surprise users, create privacy issues, and normalize unsafe local side effects.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The template includes specific personal travel details such as a person's name, relationship status, vehicle model, and a full-looking license plate, none of which are necessary for a generic trip-inspiration demo. Even if fictional, this normalizes embedding sensitive personal data into reusable templates and could lead to real user data being exposed if the template is adapted dynamically or copied into production.

Vague Triggers

High
Confidence
90% confidence
Finding
The trigger conditions are extremely broad, covering generic emotions and common phrases unrelated to travel, which can cause the skill to activate in unintended contexts. Over-triggering increases the chance that privacy-invasive behaviors inside the skill, such as location collection, are invoked when the user did not seek travel assistance.

Missing User Warnings

High
Confidence
98% confidence
Finding
The document requires undisclosed network requests to public IP geolocation APIs, without informing the user that their IP-derived location will be queried externally. Hidden outbound requests for personal data materially increase privacy risk and undermine informed consent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill directs file creation on the user's Desktop and automatic browser opening without prior notice or confirmation. Undisclosed local side effects reduce user control and can expose sensitive itinerary details to other local users or systems.

Ssd 3

Medium
Confidence
97% confidence
Finding
Automatically deriving the user's city from IP before asking for permission is a form of personal data collection initiated by natural-language instruction. In this context, the collection is especially risky because the skill can trigger on vague emotional prompts, so location harvesting may occur outside a clearly requested travel-planning flow.

Ssd 3

Medium
Confidence
92% confidence
Finding
The skill encourages gathering and embedding personal details such as nickname, avatar, vehicle information, pet names, and companion identities into a generated artifact. Although framed as personalization, these are unnecessary or sensitive data elements that can increase privacy exposure if stored, shared, or displayed without careful minimization and consent.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal