ClawHub

Show Booking

Security checks across malware telemetry and agentic risk

Overview

This skill appears to support real-estate showing coordination, but it needs review because it can use personal and listing details in outbound calling workflows without clear consent boundaries.

Review this skill before installing. It may be appropriate for real-estate showing operations, but only use it where the user has explicitly approved outbound calls and sharing the minimum necessary client, listing, scheduling, and contact details with the calling workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill instructs the agent to read input files and write multiple artifacts to temporary paths, yet it declares no permissions or user-visible capability boundaries. That mismatch can cause the platform or user to underestimate what the skill can access and modify, increasing the risk of unintended file exposure, tampering, or unsafe execution in environments that rely on declared permissions for policy enforcement.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The invocation description is broad enough that the skill could trigger on general booking or scheduling requests, even when the user did not intend real-estate showing automation or outbound calling. In context, that is more dangerous because the skill can process listing data, generate call jobs, and potentially initiate external communications, so an over-broad trigger can lead to privacy-impacting or costly actions from ambiguous prompts.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill collects client identity, listing details, preferred windows, and confirmation destinations, then delegates outbound calling to a sub-agent, but it does not provide an explicit user-facing warning that this data will be transmitted externally. In this context, the absence of a clear privacy and consent notice is especially risky because the workflow includes phone calls and status delivery to third parties, creating meaningful exposure of personal and transactional information.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal