ClawHub

registry-sync

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is purpose-built to update a specific Feishu registry sheet, but users should know it can do that automatically after related work.

Install only if you want agents to keep the named Feishu registry updated automatically. Confirm the Feishu sheet is yours or appropriate for this data, keep the agent's Feishu permissions scoped, and avoid registering sensitive internal details in the sheet or backlog.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description says it should be used whenever a new local skill, workflow, or template is created, and also when the user asks to update or maintain the registry. That scope is broad enough to cause the agent to invoke it opportunistically, leading to unintended writes to an external Feishu sheet without a clear per-action confirmation boundary.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The automatic trigger section explicitly instructs the agent to run this skill after creating new skills, templates, or workflows and says not to wait for the user to remind it. This encourages autonomous execution and external state changes without checking current user intent, which increases the risk of surprise data modification and unintended disclosure of local project metadata.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill directs the agent to write summaries and metadata to an external Feishu spreadsheet or, on failure, to a local backlog file, but it does not require informing the user that persistent external and local writes will occur. Because the data source includes local skills, workflows, and templates, this can expose sensitive internal operational information and create unauthorized modifications to external records.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal