ClawHub

for create subagent

Security checks across malware telemetry and agentic risk

Overview

This skill is openly for creating Feishu-connected subagents, but it directs created agents to send every message to Feishu without filtering or clear privacy controls.

Review before installing. Only use this skill if you intentionally want created agents to send their messages to Feishu, and modify the template to send only approved non-sensitive status updates. Store Feishu credentials with least privilege, avoid shared plaintext secrets where possible, and document user consent, redaction, rotation, and per-agent controls before enabling the bindings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs users to place Feishu app credentials directly into a shared configuration file and provides no guidance on secret storage, rotation, access control, or redaction. In this context, the skill is explicitly for creating multiple sub-agents, so it encourages credential proliferation across agents and workspaces, increasing the chance of accidental disclosure or misuse.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill explicitly requires that every message be forwarded to Feishu and says not to filter anything before sending. That creates a clear data-exfiltration path for sensitive prompts, internal reasoning summaries, personal data, credentials, tokens, workspace paths, or other user-provided content, especially because the integration is part of the agent's normal operating procedure.

Ssd 3

High
Confidence
99% confidence
Finding
The instruction to send all agent messages to Feishu without filtering is a direct unsafe data-handling policy. Because this is an agent-creation skill that standardizes sub-agent behavior, the unsafe rule can be replicated across many agents, amplifying the blast radius and making routine operation itself a mechanism for leaking confidential or regulated data to an external messaging platform.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal