Charisma Research Loop

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it needs review because it can keep a persistent log and send email/calendar updates without clear approval or destination limits.

Install only if you want an agent to maintain a recurring local insight ledger and deliver generated briefs through your email and calendar tools. Before use, configure the allowed recipient, target calendar, event naming/update rule, and require preview and approval before any email is sent or calendar item is created or changed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 93%
Finding
The manifest description contains very broad activation language covering communication, psychology, influence, persuasion, and recurring briefs, which could cause the skill to trigger for many ordinary user requests beyond the user's specific intent. Because the skill also performs persistence and delivery actions, over-broad matching increases the chance of unintended invocation and downstream side effects.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs the system to send email and create or update calendar items without any visible requirement for explicit user confirmation, preview, or disclosure that external services will be modified and content will be stored. In an over-broadly activated skill, this creates a real risk of unauthorized outbound communication, unwanted calendar changes, and persistent storage of recurring behavioral content.

VirusTotal

64/64 vendors flagged this skill as clean.
