ClawHub

Oauth Helper

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent OAuth-login automation, but it delegates sensitive account authorization to an agent using logged-in browser sessions and Telegram approvals with under-scoped safeguards.

Install only if you intentionally want an agent to use logged-in OAuth provider sessions. Use a dedicated browser profile and private Telegram chat, verify the exact provider account, target site, and requested permissions before approving, and avoid sending QR codes or screenshots unless necessary.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Low
Confidence
86% confidence
Finding
The documented workflow includes sending QR codes and debugging screenshots over Telegram, which expands the skill from simple confirmation into transmission of potentially sensitive authentication material. In an OAuth/login context, screenshots can expose account identifiers, session details, consent scopes, QR login tokens, or other sensitive data to a third-party channel.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly discusses screenshot sharing for QR login and debugging but omits any warning that those images may contain sensitive account information. In an authentication flow, screenshots can leak usernames, email addresses, consent scopes, QR login secrets, error details, and other data through Telegram, increasing privacy and account-takeover risk.

Natural-Language Policy Violations

Low
Confidence
84% confidence
Finding
Hardcoding Telegram as the confirmation channel without documenting user choice or consent creates a privacy and security risk because authentication-related metadata is sent through an external messaging platform by default. In a login automation skill, even minimal messages about target sites and OAuth providers can reveal sensitive behavioral or account information.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal