Privacy Concierge

Security checks across malware telemetry and agentic risk

Overview

This privacy assistant has a coherent goal, but it asks for sensitive data and external action authority while leaving local file access and privacy controls too broad.

Review before installing. Do not provide real PII, Supabase, Telegram, Groq, or email credentials unless you can restrict local file access, preview and approve every outbound opt-out or DSAR submission, and confirm how stored personal data can be reviewed, deleted, and kept out of third-party logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence: 91%
Finding
The skill claims 'No external sharing without explicit consent,' but its documented behavior includes outbound email opt-outs and web search, both of which can disclose user identifiers or other personal data to third parties. This is a real privacy/security mismatch because users may rely on the note to make consent decisions while the system is designed to transmit data externally as part of normal operation.

Intent-Code Divergence

Medium
Confidence: 94%
Finding
The statement that all user data is stored only in Supabase is inconsistent with the declared use of Groq for inference and Telegram for messaging, both of which may process or retain user content outside Supabase. In a privacy-focused skill handling PII and breach data, this misleading assurance increases risk because operators and users may underestimate the actual exposure surface.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill is described as able to message users unprompted and initiate automated opt-out actions on their behalf, but it does not clearly require prior authorization boundaries, confirmation flows, or emergency-only criteria. For a privacy concierge that handles sensitive identity data and external requests, autonomous action can cause unintended disclosures, mistaken submissions, or user-surprising behavior.

VirusTotal

65/65 vendors flagged this skill as clean.
