ClawHub

Intelligent Budget Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a coherent budget-tracking skill, but users should treat the data and the external npm package as sensitive.

Before installing, verify the npm package publisher and version, and avoid entering account numbers, credentials, or other unnecessary financial identifiers. Keep explicit control over when the agent adds records, processes recurring transactions, generates AI insights, exports data, or creates backups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation advertises natural-language expense parsing and AI-generated financial insights but does not warn that free-form user financial text may contain sensitive personal data such as merchants, locations, salaries, debts, or account-related details. Because this is a money-tracking skill, the context makes the omission more dangerous: users are likely to input intimate financial histories, and agent-driven use may forward that data to an LLM or other processor without informed consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation advertises natural-language expense parsing and AI-generated financial insights but does not warn that free-form user financial text may contain sensitive personal data such as merchants, locations, salaries, debts, or account-related details. Because this is a money-tracking skill, the context makes the omission more dangerous: users are likely to input intimate financial histories, and agent-driven use may forward that data to an LLM or other processor without informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal