Customer Research & Validation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent customer-research skill that fetches public web data and writes local research outputs, but users should handle scraping and interview data carefully.

Install only if you are comfortable with a research tool that fetches public web content, scrapes user-specified URLs, installs Python packages, and saves outputs locally. Before using it with real interviews or competitor sites, confirm authorization and site terms, avoid collecting unnecessary personal or financial details, revise the confidentiality wording, and periodically delete or anonymize stored research files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (7)

Missing User Warnings

Medium (93% confidence)
Finding
The document explicitly instructs retention of interview notes for one year in a research directory, but provides no guidance on consent, minimization, access controls, redaction, or handling of personally identifiable or sensitive customer information. Because interview notes commonly contain names, contact details, opinions, and other sensitive context, this creates unnecessary privacy and compliance risk if the files are exposed, over-retained, or reused beyond their original purpose.

Missing User Warnings

Medium (88% confidence)
Finding
The quick reference explicitly promotes scraping competitor reviews and even provides a generic URL-based mode, but gives no warning about website terms of service, robots.txt, privacy obligations, or jurisdiction-specific legal constraints. In a concise cheat sheet, omission of these guardrails increases the chance that users will perform unauthorized or noncompliant scraping against third-party sites.

Missing User Warnings

Medium (94% confidence)
Finding
The skill instructs operators to scrape Reddit/forums and competitor review sites, run sentiment analysis, and write outputs to local storage, but it never warns that external content will be fetched/transmitted or that collected data will be retained in `data/research/` and later archived. That omission creates a real transparency and data-handling risk: users may unknowingly cause third-party content to be collected, processed by external services such as an LLM, and stored locally for 90 days.

Missing User Warnings

Low (78% confidence)
Finding
The script asks about tax optimization practices, costs, budgets, and purchasing decisions without any guidance on minimizing collection of sensitive information or handling it safely. In an interview setting, participants may volunteer confidential financial, tax, or business process details, creating unnecessary privacy and data-handling risk if the interviewer records or stores the responses insecurely.

Natural-Language Policy Violations

Medium (94% confidence)
Finding
The generated interview script explicitly says 'Everything you share will be confidential' without any code, controls, or documentation ensuring confidential handling of interview data. This can mislead users into disclosing sensitive business or personal information under false assurances, creating legal, privacy, and trust risks depending on how the collected data is actually stored or shared.

Missing User Warnings

Medium (91% confidence)
Finding
The script collects Reddit thread content and persists it to a timestamped JSON file under a shared workspace data directory without any explicit notice, consent prompt, retention policy, or minimization controls. Even though Reddit data is public, the stored dataset may contain sensitive or regulated personal information in post text, and local persistence increases the chance of unintended reuse, over-retention, or later exfiltration.

Missing User Warnings

Medium (91% confidence)
Finding
The setup script performs external package installation via pip3 and downloads TextBlob corpora over the network without explicit user consent, pinning, integrity verification, or clear warning about system changes. Even though this is common in setup scripts, it expands the attack surface to dependency confusion, malicious package updates, or unexpected modification of the user's Python environment.

VirusTotal

61/61 vendors flagged this skill as clean.
