ClawHub

Unloopa Api

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent with Unloopa sales automation, but it can contact third parties and spend account credits or money without clear final approval steps.

Install only if you intentionally want an agent to operate your Unloopa account for outbound sales. Before use, require explicit confirmation for recipient lists, email content, call scripts, lead counts, campaign triggers, credit consumption, and any phone-number purchase or other paid account change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The skill description is broad enough to activate for common requests like finding leads, generating websites, sending emails, or making calls, which increases the chance the agent invokes a high-risk automation skill in situations where the user did not intend external actions. In this context, overbroad routing is dangerous because the skill can initiate real outreach and telephony workflows with quota consumption and possible third-party contact.

Missing User Warnings

High
Confidence
96% confidence
Finding
The top-level description advertises autonomous lead finding, email outreach, and voice calling 'on autopilot' without any requirement for user confirmation or warning before contacting third parties. That creates a real risk that an agent uses the skill to send unsolicited emails or place calls, causing spam, privacy issues, reputational harm, and potentially legal/compliance problems.

Missing User Warnings

High
Confidence
97% confidence
Finding
The documented 'full pipeline' starts with a natural-language command and ends in automated outreach, but it does not instruct the agent to warn the user that submitting the command will eventually contact leads. Because the workflow bundles scraping, website generation, enrichment, and outreach together, a user may reasonably think they are only generating leads while the system also queues communications.

Missing User Warnings

High
Confidence
99% confidence
Finding
The default behavior explicitly says the API will scrape leads, generate websites, enrich contact data, and send outreach emails automatically, with no user-facing warning or consent checkpoint. This is especially dangerous because it makes external contact the default side effect of what appears to be a lead-generation request.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The phone-number purchase endpoint clearly incurs a recurring charge, but the skill does not require the agent to present a billing warning or ask for approval before purchase. In an agent setting, silent execution of a paid action can cause unauthorized spending and account changes.

Missing User Warnings

High
Confidence
98% confidence
Finding
The outbound call endpoint places real calls to third parties and consumes credits, yet the skill lacks a required warning or confirmation step. This is dangerous because a mistaken or premature invocation can contact real businesses, create harassment/spam risk, and spend account balance instantly.

Missing User Warnings

High
Confidence
98% confidence
Finding
The campaign trigger action can immediately initiate up to 10 real calls at a time, each consuming credits, but the documentation does not require a final confirmation before triggering. Bulk telephony magnifies the risk of accidental mass contact, financial loss, and reputational or regulatory harm.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal