Resignation Check

Security checks across malware telemetry and agentic risk

Overview

This skill supports a real offboarding workflow, but it can delete Microsoft 365 and Adobe accounts and send notification email through unpinned external code, so it needs review before use.

Install only if you are prepared to review and pin the external office365-tools repository, use least-privilege dedicated credentials, run a report-only pass first, manually verify every candidate, disable notification email unless explicitly needed, and require explicit per-account approval before deletion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium, 89% confidence
Finding
The skill is framed as a resignation-checking workflow, but it includes destructive account deletion and automatic email notification side effects. Even with an interactive confirmation step, bundling verification and deletion in one skill increases the chance of accidental or overly broad account removal, especially when identity matching relies on heuristics such as email-domain rewriting and Feishu lookup misses.

Context-Inappropriate Capability

Medium, 80% confidence
Finding
The SMTP and notification-email capability is not necessary for merely checking whether users appear active in Feishu, yet it enables extra outbound communication using stored credentials. This expands the blast radius of the skill: a mistaken or abusive run could send unintended emails, leak operational details, or trigger notifications tied to wrongful deletions.

VirusTotal

66/66 vendors flagged this skill as clean.
