IG Realtor Recruiting Outreach

Security checks across malware telemetry and agentic risk

Overview

This skill locally generates Instagram recruiting message drafts from a user-provided CSV and writes local output files, with no evidence of hidden network access, credential use, or automatic sending.

Install only if you are comfortable processing realtor lead data locally. Keep the output directory private, delete old campaign audits when no longer needed, verify that your lead source and outreach comply with platform rules and local solicitation laws, and manually review every message before sending.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 84%
Finding:
The skill instructs the agent to run a local Python script against user-supplied paths and to write generated campaign artifacts, which implies file read and file write capabilities. When those capabilities are present but not explicitly declared, users and the platform lose a clear security boundary and may not realize the skill can access local files or create outputs, increasing the risk of unintended data exposure or misuse.

Missing User Warnings

Medium
Confidence: 89%
Finding:
The script persists lead-derived outreach content, handles, brokerage information, notes, and a full audit trail to disk without any consent notice, minimization, or retention controls. In this skill context, the data is explicitly tied to recruiting outreach built from Instagram profile data, so storing raw sequences and skipped-row contents increases privacy, compliance, and accidental disclosure risk if output directories are shared, synced, or left on disk.

VirusTotal

66/66 vendors flagged this skill as clean.
