ClawHub

Daxiang Electron

Security checks across malware telemetry and agentic risk

Overview

This skill is for legitimate Electron app automation, but it gives broad control and data-capture access to sensitive desktop apps without enough user-safety boundaries.

Install only if you intentionally want the agent to automate local Electron apps through remote debugging. Avoid using it with password managers, private chats, work workspaces, developer tools, or production accounts unless you explicitly approve the exact app and action, and review any screenshot or data extraction step before it runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill trigger language is broad enough to match many ordinary desktop-app requests, which can cause the agent to invoke a high-privilege automation skill unnecessarily. In this context, that is risky because the skill enables control of Electron apps, screenshots, and data extraction from apps that often contain sensitive user data such as messages, credentials, documents, and tokens.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly documents taking screenshots and extracting text/JSON state from desktop apps without any warning, minimization guidance, or consent requirement. This is dangerous because Electron targets listed here include apps like Slack, VS Code, Notion, and 1Password, where screenshots or DOM extraction could capture secrets, private conversations, API keys, tokens, source code, or other highly sensitive content.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal