Newsletter Generator

Security checks across malware telemetry and agentic risk

Overview

This text-only newsletter skill does not run code, but it is mostly an off-platform paid upsell with PayPal and crypto payment instructions rather than the advertised newsletter resources.

Review carefully before installing. The artifact appears technically low-risk because it is text-only, but it under-delivers on its advertised contents and asks users to pay off-platform for files that are not included in the submitted skill. Do not send PayPal or crypto payments unless you independently trust the publisher and accept the lack of platform-controlled delivery or refund protection.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The manifest advertises a newsletter-generation skill, but the body is largely an upsell funnel directing users to off-platform payment and purchase channels instead of delivering the declared functionality. In an agent ecosystem, this is dangerous because it abuses trust in skill metadata, can socially engineer users into payments, and may cause agents or users to rely on misrepresented capabilities.

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The file includes direct payment requests, PayPal and crypto transfer details, and off-platform purchase instructions unrelated to the safe operation of a newsletter-generation skill. This creates a phishing/fraud surface by encouraging users to send funds outside trusted platform controls, where there is no verification, refund protection, or assurance that promised content exists.

Vague Triggers

Medium
Confidence: 87%
Finding
The usage examples are intermixed with pricing and payment text, making it unclear what constitutes a legitimate prompt versus promotional content. In agent contexts, ambiguous trigger text can mislead users, contaminate prompt routing, and normalize embedded solicitation inside operational instructions, increasing the chance of social engineering or accidental policy bypass.

VirusTotal

63/63 vendors flagged this skill as clean.
