ClawHub

X Comment Feed Posts

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about posting likes and comments on X, but it gives an agent broad authority to act publicly from the user's account and encourages first-person, experience-based comments that may not be true.

Install only if you are comfortable letting an agent like and post visible X comments from your account. Before using it, require review and approval of each comment, set a small N, avoid sensitive or political topics, and do not allow first-person claims about your feelings, work, or product experience unless they are actually true.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill description is broad enough to trigger on generic requests to comment on posts, without clear guardrails on acceptable volume, targets, or sensitive contexts. In a skill that performs account actions on a live social platform, this can cause the agent to engage in unintended posting behavior that creates reputation, spam, or policy-violation risk for the user's account.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow directs the agent to like and comment from the user's X account but does not require an explicit warning or confirmation about account, reputation, moderation, and platform-enforcement risks. Because these are public, attributable actions, a user may not understand that the skill is operating on their live account and could expose them to embarrassment, policy violations, or unwanted engagement patterns.

Natural-Language Policy Violations

High
Confidence
96% confidence
Finding
These instructions explicitly tell the agent to simulate emotion, uncertainty, and subjective reaction as if it had genuinely been affected by content. In a social-posting skill, that creates deceptive impersonation risk because the model may manufacture human feelings or reactions and present them as the user's authentic voice without consent or factual basis.

Natural-Language Policy Violations

High
Confidence
99% confidence
Finding
The examples directly encourage first-person statements of personal experience such as having used tools, encountered problems, or tried products. In this skill's context—posting comments on a user's X feed one by one—those claims are especially dangerous because they can misrepresent the user's real experience, deceive third parties, and create reputational, compliance, or platform-integrity issues.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal