Weibo Timeline Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill appears to periodically collect Weibo timeline posts and save them locally as described, with no evidence of data theft or harmful actions.

Install this only if you want a recurring OpenClaw task that uses your logged-in Weibo browser profile, accesses weibo.com, and stores post digests locally. Review the cron interval and remove the cron entry when you no longer want background monitoring.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
The skill’s declared purpose is timeline monitoring and Markdown logging, but it also directs the user to install cron jobs and references writing prompt files and registering scheduled tasks. That mismatch matters because persistence and background execution expand the trust boundary: a user expecting a one-shot browser automation may unknowingly authorize recurring local actions and filesystem changes. In a skill that interacts with a logged-in social media session, unattended scheduled execution increases the chance of unintended data collection or repeated actions without clear user awareness.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script silently creates a prompt file under the user's home directory and registers a recurring cron job that will drive browser-based collection of Weibo data. Even though the behavior appears aligned with the skill's purpose, installing persistent scheduled activity without an explicit warning, confirmation, or clear disclosure is risky because it can surprise users, continuously access external services, and accumulate local data without informed consent.

VirusTotal

64/64 vendors flagged this skill as clean.
