ClawHub
Back to skill

Security audit

DoctorClaw Morning Briefing

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only daily briefing skill whose sensitive account access is disclosed and fits its purpose, though users should configure it carefully.

Install only if you are comfortable letting the agent read the specific inboxes, calendars, task lists, and location needed for the briefing. Prefer read-only scopes, concise summaries without detailed email previews, private Telegram/Discord destinations, and review or remove any saved briefings and scheduled jobs when you no longer need them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly aggregates highly sensitive personal data from multiple sources—email, calendar, tasks, and location-derived weather context—but does not clearly warn users that it will access, summarize, and potentially expose this information through external delivery channels or saved files. This creates meaningful privacy and confidentiality risk because users may enable the skill without understanding the scope of data access and the sensitivity of the generated briefing.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill encourages automatic scheduling and saving briefings to files or sending them to messaging platforms without a clear warning that this creates ongoing collection, repeated processing, and persistent storage of sensitive daily activity data. In context, the danger is increased because the workflow runs unattended and may continuously accumulate private information in memory/briefings or transmit it to potentially insecure or misconfigured channels.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.