ClawFeed News Push

Security checks across malware telemetry and agentic risk

Overview

This news-push skill has a clear purpose, but it relies on unreviewed local scripts, a fixed Feishu recipient, and a recurring cron job that users must inspect before use.

Review this before installing or using it. Confirm the Feishu recipient is yours, inspect the referenced local scripts before running them, check how the MiniMax API key is stored, and verify any crontab entry can be disabled or removed. Do not use it for general news-push prompts unless you intend to send or schedule messages to Feishu.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger conditions are broad enough that the skill may activate on generic requests like 'push news' or 'test push' without sufficiently constraining scope, timing, or authorization. In a skill that performs outbound messaging and scheduled automation, unintended invocation can cause spam, misdelivery to a fixed recipient, or unauthorized recurring actions.

VirusTotal

63/63 vendors flagged this skill as clean.
