NEXUS Meeting Notes

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed, paid, remote meeting-notes service. Users should still be careful: meeting transcripts are sent to NEXUS for processing, and the skill's payment features are much broader than note-taking requires.

Install it only if you trust NEXUS to process meeting transcripts and handle payment proofs. Do not send confidential, regulated, HR, legal, or client-sensitive meeting content unless third-party processing has been approved, and use the sandbox mode before running any paid workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability (Medium, 92% confidence)

Finding
The skill’s declared purpose is simple meeting-note generation, but the manifest embeds extensive blockchain, payment, and multi-protocol capabilities that are not necessary for that function. This increases attack surface, creates opportunities for unexpected value transfer flows, and can normalize privileged network interactions unrelated to the user’s primary task.

Context-Inappropriate Capability (Medium, 94% confidence)

Finding
The documentation instructs the agent to participate in Stellar sponsorship, AP2 mandates, XRPL settlement, and other payment operations far beyond note summarization. Even if framed as payment support, these instructions materially expand the operational behavior of the skill and could induce agents to perform risky financial or blockchain actions when the user only expects text processing.

Missing User Warnings (Medium, 94% confidence)

Finding
The README describes sending meeting content to a remote hosted API but does not clearly warn users that potentially sensitive meeting transcripts will leave the local environment and be processed by a third-party service. Because meeting notes often contain confidential business, legal, HR, or personal data, this omission can cause users or downstream agents to transmit sensitive information without informed consent or appropriate handling expectations.

Vague Triggers (Medium, 87% confidence)

Finding
The statement that the skill is 'automatically invoked ... when a matching task is detected' is too vague for a capability that sends user content to an external service. Ambiguous invocation criteria can cause accidental triggering on sensitive transcript-related tasks, increasing the chance that private data is sent off-host without the user's clear awareness.
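
The four findings above are all manifest-level checks: capabilities outside the stated purpose, a remote endpoint with no disclosure that content leaves the host, and an invocation rule too vague to give the user a signal. The script below is an added example that runs those checks over a skill manifest; it is not code from NEXUS, SkillSpector or any skill registry. The manifest shape (purpose, capabilities, endpoints, user_warnings, triggers), the purpose allowlist, the trigger and warning regexes, and both sample manifests are assumptions constructed for illustration; SUSPECT_MANIFEST mirrors the situation the findings describe and is not the real NEXUS manifest.

```python
"""Policy check for agent-skill manifests, modelled on the findings above.
Added example, not code from NEXUS, SkillSpector or any registry. The manifest
shape, the purpose allowlist and the regex heuristics are assumptions."""
from dataclasses import dataclass
import re

# Assumed policy: capabilities a skill may declare for each stated purpose.
# A note-taking skill gets text processing plus one outbound HTTPS channel;
# anything else is out of scope for that purpose.
PURPOSE_ALLOWLIST = {
    "meeting-notes": {"text.transcribe", "text.summarize", "net.https"},
}

# Trigger wording that gives the user no clear signal of when the skill fires.
# "matching task" is the phrase quoted in the Vague Triggers finding.
VAGUE_TRIGGER = re.compile(
    r"\b(matching task|when relevant|as needed|whenever|any)\b", re.I)

# Words a user warning must contain to count as disclosing that content
# leaves the host for third-party processing (assumed heuristic).
OFF_HOST_WARNING = re.compile(r"(leave|leaves|third[- ]party|off[- ]host)", re.I)


@dataclass(frozen=True)
class Finding:
    rule: str
    severity: str
    detail: str


def check_manifest(manifest: dict) -> list[Finding]:
    """Return policy findings for one manifest; an empty list means it passed."""
    findings: list[Finding] = []
    purpose = manifest.get("purpose", "")
    # An unknown purpose has an empty allowlist, so every capability is flagged.
    allowed = PURPOSE_ALLOWLIST.get(purpose, set())

    for cap in manifest.get("capabilities", []):
        if cap not in allowed:
            findings.append(Finding(
                "context-inappropriate-capability", "medium",
                f"capability {cap!r} is not needed for purpose {purpose!r}"))

    # A remote endpoint means user content leaves the machine; the manifest
    # must say so in plain words, otherwise consent is not informed.
    endpoints = manifest.get("endpoints", [])
    warnings = manifest.get("user_warnings", [])
    if endpoints and not any(OFF_HOST_WARNING.search(w) for w in warnings):
        findings.append(Finding(
            "missing-user-warning", "medium",
            f"{len(endpoints)} remote endpoint(s) declared but no warning that "
            "content is sent off-host for third-party processing"))

    # Invocation criteria must be explicit for anything that sends data out.
    triggers = manifest.get("triggers", [])
    if endpoints and not triggers:
        findings.append(Finding("vague-trigger", "medium", "no triggers declared"))
    for trigger in triggers:
        if VAGUE_TRIGGER.search(trigger):
            findings.append(Finding(
                "vague-trigger", "medium",
                f"trigger {trigger!r} is too broad for a skill that sends content off-host"))
    return findings


def count_by_rule(findings: list[Finding]) -> dict[str, int]:
    """Tally findings per rule, the shape a report summary line needs."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.rule] = counts.get(f.rule, 0) + 1
    return counts


# Constructed manifests. SUSPECT mirrors the situation the findings describe
# (not the real NEXUS manifest); HARDENED is the same skill with its scope,
# warning and trigger tightened.
SUSPECT_MANIFEST = {
    "name": "example-meeting-notes",
    "purpose": "meeting-notes",
    "capabilities": ["text.summarize", "net.https",
                     "payment.stellar.sponsorship", "payment.ap2.mandate",
                     "payment.xrpl.settlement"],
    "endpoints": ["https://notes.example.invalid/v1/summarize"],
    "user_warnings": [],
    "triggers": ["automatically invoked when a matching task is detected"],
}

HARDENED_MANIFEST = {
    "name": "example-meeting-notes",
    "purpose": "meeting-notes",
    "capabilities": ["text.summarize", "net.https"],
    "endpoints": ["https://notes.example.invalid/v1/summarize"],
    "user_warnings": ["Meeting transcripts leave your machine and are processed "
                      "by a third-party service; do not send regulated content."],
    "triggers": ["user explicitly asks to summarize a pasted meeting transcript"],
}

if __name__ == "__main__":
    for name, m in (("suspect", SUSPECT_MANIFEST), ("hardened", HARDENED_MANIFEST)):
        print(name, count_by_rule(check_manifest(m)))
```

Run against the suspect manifest the checker reports three out-of-scope payment capabilities, one missing off-host warning and one vague trigger; the hardened manifest produces no findings. The allowlist is deliberately keyed on the declared purpose so that a skill claiming an unknown purpose gets every capability flagged rather than silently passing.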

VirusTotal

0 of 63 vendors flagged this skill; all 63 reported it clean. An antivirus verdict covers file-level malware only and does not address the capability, data-handling and trigger issues in the SkillSpector findings above.