News Noon Digest - 新闻午报

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed scheduled news-digest sender, but users should understand it posts to a configured Feishu webhook, does not actually implement QQ delivery, and appears to use static template news rather than live fetching.

Install only if you are comfortable configuring a Feishu bot webhook and adding a daily cron job. Treat the Feishu webhook as a secret, verify the posted content before relying on it, and do not assume QQ delivery or live news fetching works unless you update the script.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documentation describes use of environment variables and outbound network transmission to Feishu/QQ, but it does not declare corresponding permissions. This creates a transparency and trust problem: users and the platform may not understand that the skill can access secrets and send data externally, increasing the chance of unintended data exposure or misuse.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation phrases shown in the README are very broad and generic, which increases the chance of accidental or unintended activation. In a skill that can configure scheduled outbound delivery, ambiguous triggers can cause users to enable notifications or retrieve content without clearly intending to invoke this specific skill.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README states that the skill automatically pushes news digests to QQ and Feishu, but it does not warn users that content and possibly account-linked data will be transmitted to external platforms. This creates a privacy and consent risk because users may not understand that enabling the skill results in scheduled external message delivery outside the primary assistant environment.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The description says the skill pushes a news digest to QQ and Feishu, but it does not clearly warn that generated content is automatically transmitted to external messaging services. Users may enable or run the skill without understanding that content leaves the local environment, which can cause accidental disclosure if prompts, metadata, or unexpected content are included in the digest.

VirusTotal

65/65 vendors flagged this skill as clean.
