ClawHub

Daily EnglishNews Reader

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed English-learning workflow that reads public RSS feeds, creates a Feishu document, and keeps local history for deduplication.

Install only if you are comfortable authorizing the Lark/Feishu integration in the intended workspace and storing generated reading materials, source URLs, and local article history. Review npm and pip install prompts, and clear config/sent_articles.json if you want to remove the local deduplication history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill clearly performs local file reads and outbound network access, but it does not explicitly declare corresponding permissions or prominently warn users about those capabilities. This weakens transparency and informed consent, and can cause the agent to access local configuration/history files and remote RSS endpoints in ways the user did not reasonably expect.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger phrase '生成英语阅读材料' is broad enough to overlap with ordinary user requests, increasing the chance the skill activates unintentionally. Unintended invocation is risky here because the skill can perform network requests, create Feishu documents, and write local history/config state without a clearly deliberate opt-in at the moment of execution.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill writes and updates local files including configuration and sent-article history, but this persistence is not clearly disclosed in the main description or invocation flow. Hidden state changes can surprise users, leak usage patterns over time, and create integrity/privacy issues if those files are later accessed by other tools or users on the same system.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends generated content, source metadata, and original URLs to a new Feishu cloud document, but it does not clearly warn users about this external data transfer. This creates a privacy and data-governance risk because fetched content and user-selected outputs are uploaded to a third-party cloud service that may have sharing, retention, or access implications.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal