ClawHub

Content Machine

Security checks across malware telemetry and agentic risk

Overview

This skill is for social-media automation, but it can grant posting authority without clear review or confirmation safeguards.

Install only if you are comfortable connecting AI/content-generation services and a social-posting provider. Use test or low-risk accounts first, store API keys in a secret manager or environment variables, set spend and permission limits, and require manual review before any generated post is scheduled or published.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly states it will 'publish to social media' and 'schedule and publish to social platforms,' but it does not clearly warn users that running it can cause real outbound actions on connected accounts. This creates a meaningful risk of unintended posting, reputational damage, and abuse if a user enables the skill without understanding that it performs live publication rather than draft generation only.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The setup instructions require API keys for OpenAI/Anthropic and Postiz and describe use of external services, but they do not warn about sensitive credential handling or that prompts/content may be transmitted to third parties. This can lead users to expose secrets insecurely, underestimate data-sharing implications, or connect privileged publishing accounts without understanding the trust boundary.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The manifest advertises automated discovery and multi-platform social media publishing while requiring API credentials, but it does not warn users that the skill can autonomously post content on their behalf. This creates a meaningful risk of unintended or unauthorized publishing, credential misuse, and reputational harm because users may enable the skill without understanding the scope of actions it can take.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal