ClawHub

WeCom Calendar

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward WeCom calendar tool that can change real organizational calendar data, but the sensitive access is disclosed and matches its purpose.

Install only if you intend to let an agent manage WeCom calendar data. Use a dedicated least-privilege WeCom app, keep the agent secret out of source control and shared logs, and require explicit review before update, cancel, recurring-event, or large-attendee operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README instructs users to place live WeCom credentials, including an agent secret, into a plain .env file and shows realistic-looking values without any warning about secret handling. In agent-skill contexts, documentation that normalizes embedding sensitive credentials can lead to accidental exposure through source control, logs, screenshots, or shared workspaces.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documents cancellation and deletion capabilities for schedules and calendars but does not warn that these actions are destructive, may affect multiple users, and can be hard or impossible to reverse. In an agent setting, omission of such warnings increases the chance that a user or downstream system invokes state-changing operations without informed confirmation.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The cancellation example provides a ready-to-run destructive command with no warning that canceling a schedule modifies shared organizational data and may disrupt attendees. This is risky in an automation context because users may copy-paste the command without understanding consequences or verifying the target schedule.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The example shows how to retrieve the full member list from the organization directory without any privacy or least-privilege warning. Directory enumeration can expose employee identifiers and facilitate over-collection of personal data, especially when combined with bulk attendee operations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal