ClawHub

Community Ambassador Playbook

Security checks across malware telemetry and agentic risk

Overview

This community playbook needs review because it appears to encourage broad automated social monitoring and engagement without clear privacy or platform-policy limits.

Install only if you are prepared to add your own policy controls: limit monitoring to lawful public data, avoid platform-rule-violating scraping, require human approval for public engagement and DMs, define retention/deletion rules, and document opt-out handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger list contains broad phrases such as "community building," "community management," and "user retention," which are common across many unrelated support and strategy requests. This can cause the skill to activate outside its intended niche, leading to incorrect routing, unwanted prompt injection surface expansion, or overshadowing more appropriate skills.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README explicitly recommends automated crawling of brand mentions and broad follow/retweet engagement without any guidance on consent, platform policy compliance, data minimization, or regional privacy obligations. In a reusable operational playbook, this can normalize indiscriminate social monitoring and collection of user-generated data, creating privacy, compliance, and reputational risk if teams implement it as written.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The document recommends continuous monitoring of all accounts mentioning the product and automatic follow/reshare behavior, but provides no privacy, disclosure, retention, or platform-policy safeguards. Even if data is public, operationalizing large-scale social monitoring without notice or limits can enable intrusive profiling, non-consensual tracking, and policy violations.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The guidance explicitly advises building a crawler to automatically monitor brand mentions, again without any user-facing warning, consent considerations, or controls on what data is collected and how it is used. This makes the skill more dangerous because it moves from general community management advice to concrete surveillance-enabling implementation guidance.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The document explicitly advises following/retweeting all accounts mentioning the product and states that Notion uses a crawler for automatic monitoring, but provides no constraints around lawful collection, platform terms, minimization, retention, or notice. In a community-operations playbook, this normalizes broad surveillance-style monitoring of individuals and can lead operators to collect and process personal data unsafely or non-compliantly.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The playbook recommends personal DM outreach when contribution drops, but gives no guidance on consent, contact boundaries, opt-out handling, or anti-harassment practices. In practice, this can encourage intrusive contact and inappropriate use of personal account data for retention efforts, especially across multiple platforms or jurisdictions.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal