TTS WhatsApp

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed WhatsApp text-to-speech helper, but users should be careful because it can send real messages through their WhatsApp account.

Install only if you trust the connected Clawdbot WhatsApp account. Test first with `--no-send`, avoid setting a default recipient unless you are comfortable with automatic delivery to that contact or group, verify group IDs before sending, and review external downloads or cloned code before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence: 85%
Finding
The guide instructs users to configure a default WhatsApp target, send live test messages, and enumerate group IDs, but it does not warn about privacy, accidental delivery, or the sensitivity of group identifiers. In a messaging skill, this omission can lead to unintended messages being sent to real recipients or groups and disclosure of private metadata.

Missing User Warnings

Low
Confidence: 80%
Finding
The uninstall section uses recursive deletion commands that permanently remove the skill and downloaded models, but it does not clearly warn about data loss. Although the paths are scoped to the user's home directory, a user can still unintentionally destroy files they expected to preserve.

Missing User Warnings

Medium
Confidence: 90%
Finding
The README promotes automatic WhatsApp delivery and automatic file deletion but does not clearly warn users that provided text will be transmitted to external recipients and that generated audio artifacts may be removed after sending. In a messaging skill, this can lead to unintended disclosure of sensitive content and loss of local evidence or recovery options if users misunderstand the defaults.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill configuration documents a preconfigured `WHATSAPP_DEFAULT_TARGET` but does not prominently warn users that messages may be sent to that recipient if no explicit target is supplied. In a messaging skill, this creates a real risk of unintended disclosure or accidental delivery of private or sensitive content to the wrong person or group, especially because the skill advertises automatic sending and user-invocable behavior.

VirusTotal

64/64 vendors flagged this skill as clean.
