news-impact-analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill performs the advertised remote news analysis, but by default it sends the submitted news text and an API key over HTTPS connections whose certificate verification has been switched off.

Install only if you trust the EasyAlpha backend and are comfortable sending submitted news text to it. Before use, set ALLOW_INSECURE_SSL=false explicitly (certificate verification stays off unless that exact value is present), point NEWS_EXTRACTOR_SERVER_URL only at an https:// endpoint you trust, never a plain HTTP one, and do not submit confidential, proprietary, unpublished, or regulated information without separate assurances about handling and retention.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Severity: High
Confidence: 99%
Finding
The code disables TLS certificate verification by default via rejectUnauthorized: false unless ALLOW_INSECURE_SSL is explicitly set to 'false'. This makes HTTPS connections vulnerable to man-in-the-middle interception, allowing attackers to read or modify transmitted news data and capture the API key sent in both X-EasyAlpha-API-Key and Authorization headers.
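The pattern this finding describes, and the remediation the Overview asks operators to apply, as an added example that is not the skill's own code. The first function reproduces the default-insecure option construction (verification is on only when ALLOW_INSECURE_SSL is exactly the string 'false'); the second is a hardened replacement that keeps verification on unless the operator explicitly opts out, refuses non-HTTPS or unparseable NEWS_EXTRACTOR_SERVER_URL values, and accepts a private CA as a trusted root instead of disabling checks. Function names and the NEWS_EXTRACTOR_CA_PEM variable are assumptions for illustration.

```javascript
// Added example, not the news-impact-analyzer skill's own code.
// Function names and NEWS_EXTRACTOR_CA_PEM are assumptions for illustration.

// Vulnerable pattern from the finding: rejectUnauthorized is true only when the
// operator has set ALLOW_INSECURE_SSL to the literal string 'false'. Unset,
// empty, '0', 'no' or any other value silently leaves verification off.
function insecureDefaultOptions(env) {
  return { rejectUnauthorized: env.ALLOW_INSECURE_SSL === 'false' };
}

// Hardened pattern: verification stays on unless the operator explicitly opts
// out with the literal 'true'; the endpoint must parse and must be https://;
// a private CA is supplied as a trusted root rather than by disabling checks.
function hardenedOptions(env) {
  let endpoint;
  try {
    endpoint = new URL(env.NEWS_EXTRACTOR_SERVER_URL || ''); // global URL in Node
  } catch (err) {
    throw new Error('NEWS_EXTRACTOR_SERVER_URL is missing or not a valid URL');
  }
  if (endpoint.protocol !== 'https:') {
    throw new Error('refusing non-HTTPS endpoint: ' + endpoint.href);
  }
  const optOut = String(env.ALLOW_INSECURE_SSL || '').toLowerCase() === 'true';
  const options = {
    hostname: endpoint.hostname,
    port: endpoint.port || 443,
    path: endpoint.pathname + endpoint.search,
    method: 'POST',
    rejectUnauthorized: !optOut, // secure by default, insecure only on explicit opt-out
  };
  if (env.NEWS_EXTRACTOR_CA_PEM) {
    // Assumed variable: PEM text of a private CA, passed to Node's tls `ca` option
    options.ca = env.NEWS_EXTRACTOR_CA_PEM;
  }
  return options;
}

// Pre-flight check an operator or CI job can run against the environment before
// letting the skill send any news text or the API key.
function verificationEnabled(env) {
  return hardenedOptions(env).rejectUnauthorized === true;
}
```

Note that the hardened version inverts the sense of the flag: an operator who forgets to set anything gets certificate verification, and turning it off requires a deliberate ALLOW_INSECURE_SSL=true. For a backend behind a private CA, set the CA as a trusted root (or NODE_EXTRA_CA_CERTS at the process level) rather than opting out.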

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The README explicitly states that the skill sends user-provided news content to a centralized remote analysis engine and requires an API key, but it does not clearly warn users that submitted content leaves the local environment. In an agent setting, this can cause unintended disclosure of sensitive or proprietary inputs because operators may assume a local-only analysis based on the lightweight CLI packaging.

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding
The skill explicitly states that user-provided news text and an authentication token are automatically sent to a remote server, with a default endpoint on a public domain, but provides no meaningful privacy, retention, or transmission warning. This is dangerous because users may submit proprietary market research, unpublished information, or other sensitive text that is exfiltrated to a third-party service along with credentials, creating confidentiality and secret-handling risks.

Missing User Warnings

Severity: High
Confidence: 98%
Finding
The script sends user-supplied news content and API credentials to a remote server, while TLS verification is disabled by default. In the context of a news-analysis skill, outbound transmission is expected, but the combination of silent exfiltration to a configurable endpoint and insecure transport significantly increases the chance of credential theft, data exposure, or response tampering.

Natural-Language Policy Violations

Severity: Medium
Confidence: 95%
Finding
The comments explicitly justify skipping SSL verification by default for convenience, which encourages an unsafe deployment posture and makes insecure behavior appear intentional and acceptable. This matters because the skill handles API credentials and network traffic, so normalizing insecure TLS increases the likelihood that operators will leave the application exposed to interception.

VirusTotal

64/64 vendors rated this skill as clean. A clean antivirus verdict does not address the findings above: disabled TLS verification and unannounced transmission of user text and credentials are design choices in the skill's own code, not malware signatures.
