Paragraph

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Paragraph integration, but it gives an agent high-impact publishing, subscriber-import, and email authority with weak safeguards.

Install only if you want an agent to operate your Paragraph account. Review every post before publishing, assume onchain/public content may be difficult or impossible to fully undo, use subscriber imports only with authorized and consented contact data, disable welcome emails unless you intentionally want messages sent, and keep the API key scoped and revocable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence: 84%
Finding
The example encourages bulk import of subscribers from a CSV and implies outbound email actions without warning about consent, lawful basis, or the sensitivity of personal data. In an agent setting, this can normalize processing contact lists and sending welcome emails to real recipients without adequate human review, creating privacy, compliance, and reputational risk.

Missing User Warnings

Medium
Confidence: 89%
Finding
The subscriber-management section documents collection, listing, import, and emailing of subscriber data but lacks a clear privacy and outbound-communications warning. Because the skill handles emails and wallet identifiers, incomplete guidance can lead agents or operators to process personal data or trigger communications without proper authorization, consent, or retention controls.

Missing User Warnings

Medium
Confidence: 89%
Finding
The documentation encourages adding and importing subscribers using email addresses and wallet addresses, but it does not clearly warn that this sends personal data to a third-party service and may trigger privacy, consent, and regulatory obligations. In a skill focused on newsletter and subscriber automation, this omission increases the risk of users transmitting PII without understanding retention, sharing, or compliance implications.

Missing User Warnings

Medium
Confidence: 92%
Finding
The skill emphasizes that posts are published onchain immediately, but the documentation does not prominently warn that onchain publication can be effectively permanent, widely replicated, and difficult or impossible to fully retract. Users may unintentionally publish sensitive, copyrighted, or erroneous content under the false assumption that deletion or recreation will meaningfully reverse exposure.

Missing User Warnings

Medium
Confidence: 88%
Finding
This tool accepts an arbitrary local file path, reads the file from disk, and uploads its contents to a remote API. In an agent context, that creates a data exfiltration primitive: a prompt or caller that can influence csvPath may cause sensitive local files to be read and transmitted off-host, even if the file is not actually a subscriber CSV.

VirusTotal

66/66 vendors flagged this skill as clean.
