ClawHub

Reddit Assistant

Security checks across malware telemetry and agentic risk

Overview

The skill has a coherent Reddit drafting and analytics purpose, but it tells the agent to automatically run local helper scripts that are not included in the reviewed package.

Review before installing. Use this only in a controlled directory, and do not allow the automatic startup commands unless you have inspected or supplied the referenced scripts yourself. Avoid storing confidential launch plans, internal URLs, or sensitive account strategy in the local memory files unless you are comfortable with that history being retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes broad phrases like 'reddit content', 'reddit analytics', and 'which subreddits' that could activate the skill during general conversation rather than when the user explicitly wants file access and script execution. Because this skill is allowed to use Bash, Read, and Write and begins with an ALWAYS RUN FIRST command, accidental invocation could lead to unintended local reads, writes, and persistence.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The setup workflow collects product name, description, target user, stage, and optional URLs, then saves them to memory/config.json without telling the user that this data will be stored persistently. This creates a privacy and consent issue, especially if the user shares sensitive startup plans, unreleased product details, or internal links expecting only transient assistance.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The logging workflow stores published Reddit URLs, titles, subreddit names, angles, and later performance metrics in posted-log.json without an explicit retention or consent notice. Even though Reddit posts are public, aggregating them locally over time creates a behavioral history that may reveal product strategy, posting habits, and account activity beyond what the user expects.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal