CRM in a Box (Hybrid Labs)

Security checks across malware telemetry and agentic risk

Overview

This is a local file-based CRM helper that stores contacts, pipeline entries, and interactions, as disclosed. Privacy and backup cautions apply, but no hidden exfiltration or privileged behavior was found.

Install only if you are comfortable storing CRM contact, deal, and interaction data in local files. Use a dedicated CRM directory, keep it backed up or version controlled, avoid unnecessary sensitive personal data, and require confirmation before bulk appends or agent-driven updates. Do not rely on the advertised hash-chain/tamper-evidence claim unless you add or verify that mechanism separately.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill clearly instructs the agent to read and write local files (`cp`, append to NDJSON files, `grep`, `cat`) but does not declare any corresponding permissions or safety boundaries. This can cause the agent to modify persistent user data without explicit authorization or scope limits, increasing the chance of unintended file access or silent data changes.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README explicitly promotes the system as "agent-native" and says AI agents can read, write, and act on CRM data, but it does not warn that CRM repositories commonly contain sensitive personal and business information. That omission can lead operators to grant autonomous agents broad access to contacts, pipeline, and interaction logs without privacy review, least-privilege controls, or human approval for high-risk actions.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill tells the agent to append contacts, pipeline updates, and interactions directly into persistent CRM files, but provides no warning, consent step, or guardrail around modifying user data. In a CRM context this is especially sensitive because records may contain personal or business-critical information, and append-only mistakes can create durable corruption, duplication, or privacy exposure.

VirusTotal

66/66 vendors flagged this skill as clean.
