客户脉搏 / Customer Pulse

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local CRM skill that stores and manages customer data on the user's machine, with no evidence of hidden network exfiltration or deceptive behavior.

Install only if you are comfortable storing customer and sales records locally. Treat the data directory and CSV exports as sensitive, review delete/import/export commands before allowing them, and store backups somewhere access-controlled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill instructs execution of local scripts, reads environment variables, and stores CRM data in local files, but it does not declare corresponding permissions. This creates a trust and transparency problem: the host or user may not understand that the skill can access environment configuration and perform file reads/writes involving sensitive customer records.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The guide explicitly instructs users to collect and record personal data such as names, companies, and contact information, but it provides no privacy, consent, minimization, retention, or access-control guidance. In a CRM context this omission can lead to improper handling of customer PII, unauthorized sharing, or noncompliance with privacy laws and internal data-protection requirements.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The CSV import/export and backup examples include realistic personal contact data and operational instructions for exporting customer records, yet the document gives no warning about securing files at rest or in transit. This creates a practical risk of exposing customer PII through unsecured CSVs, local backups, shared folders, or accidental reuse of real-looking example data in production workflows.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The import function accepts an arbitrary user-supplied file_path and reads that file directly from the local filesystem. In an agent or tool-execution context, this can expose sensitive local files if a prompt or untrusted input causes the skill to read unexpected paths, and there is no path restriction, consent gate, or allowlisted import directory.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The export function writes full customer records, including unmasked phone numbers and other CRM data, to any user-specified path and will overwrite/create files without safety checks. In an agent setting, this creates a path-injection/arbitrary file write primitive that can leak sensitive data, clobber local files, or place data in attacker-chosen locations.

VirusTotal

VirusTotal findings are pending for this skill version.
