ClawHub

Event Planner Os

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local event-planning skill, but it saves event details, contacts, vendors, helpers, and budgets in a local JSON file.

Install this if you want a local event planner that remembers details between sessions. Avoid entering sensitive contact details or private budget notes unless you are comfortable storing them locally in `event-data.json`, and review or delete that file when you no longer need the saved planning data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The README defines activation in very broad terms such as 'whenever someone mentions planning an event' and 'trigger on casual phrases too,' which can cause the skill to activate for loosely related conversations. Overbroad trigger boundaries increase the chance of unintended invocation, context hijacking, and unnecessary access to user conversation data or agent actions when the user did not explicitly request event-planning help.

Vague Triggers

High
Confidence
93% confidence
Finding
The skill advertises very broad trigger language, including casual phrases about parties, conferences, caterers, deadlines, and spending. This can cause over-activation in ordinary conversation and route unrelated or only loosely related user input into a stateful skill that reads and writes persistent event data, increasing the chance of unintended data access or modification.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill persists structured event, vendor, volunteer, and contact information to a local JSON file but does not instruct the assistant to disclose this retention behavior to users. Because the stored data can include names, phone numbers, emails, budgets, and schedules, silent persistence creates a privacy and consent risk and may surprise users who believe the interaction is ephemeral.

Missing User Warnings

Low
Confidence
85% confidence
Finding
The eval explicitly expects the skill to write to a local file, event-data.json, without mentioning any user confirmation, disclosure, or consent flow. In an agent skill, silent persistence to local storage can create privacy and integrity risks because user-supplied event details may be stored unexpectedly or overwrite existing data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal