ai-daily-report

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only AI news report skill with optional bot deployment guidance; its main risks are normal privacy and webhook hardening considerations for deployers.

Installing the skill as prompt instructions appears low risk. Before deploying it as a Feishu bot, confirm what chat data is sent to Coze, Dify, OpenAI, Claude, or other providers; protect API keys; implement actual Feishu signature verification; avoid using ngrok for production; and add rate limits and logging controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill description is broad enough to match many generic requests about AI news, trends, or analysis, which can cause the agent to invoke this skill when the user did not explicitly ask for a daily report. Overbroad triggering increases the chance of unintended web retrieval, excessive autonomy, and surprising behavior, especially because the skill instructs the agent to proactively search, filter, and directly output content.

Missing User Warnings

Medium
Confidence: 92%
Finding
The guide instructs implementers to send user-triggered report generation content to an external AI API, but it does not mention any privacy notice, consent flow, data minimization, or handling of potentially sensitive chat content. In a Feishu/chatbot deployment context, users may reasonably assume messages stay within the chat platform, so silently forwarding content to a third-party model provider creates a real privacy and compliance risk.

VirusTotal

65/65 vendors flagged this skill as clean.
