X Bookmarks Archiver

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: archives X bookmarks locally, with optional OpenAI summarization that users should treat as a privacy-relevant choice.

Install only if you are comfortable letting the bird CLI read bookmarks from the X account it is authenticated to. Leave OPENAI_API_KEY unset if you want local-only fallback summaries, and review the generated X-knowledge and state files if your bookmarks include sensitive work or personal links.

SkillSpector

By NVIDIA
Vulnerability patterns checked
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Severity: High
Confidence: 94%

Finding: The script transmits bookmark URLs and associated tweet text to the OpenAI API for summarization whenever an API key is present. This is a real data-exfiltration/privacy risk because bookmark contents may include sensitive research, private links, or personal content, and there is no consent gate, minimization, or policy enforcement around what leaves the local environment.

Missing User Warnings

Severity: Medium
Confidence: 93%

Finding: The skill advertises AI-generated summaries via OpenAI but does not clearly warn users that bookmark content, linked URLs, and possibly fetched page text may be transmitted to a third-party API. Because bookmarks can reveal sensitive interests, work materials, or private research, this omission can cause unintentional disclosure of personal or organizational data.

Missing User Warnings

Severity: Medium
Confidence: 95%

Finding: The code sends bookmark URLs and tweet text to a third-party AI endpoint without any user-facing notice in this file, which creates a transparency and privacy problem. Users may reasonably expect local bookmark processing, but this implementation silently exports content to an external provider when an API key is configured.
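A hardened shape for the summarization step that the three findings above describe, added here as an example and not code from the skill or the X Bookmarks Archiver project: the upload is gated on an explicit opt-in in addition to the API key, the payload is minimized before it leaves the machine (only http(s) links, query strings and fragments stripped, text truncated, no ids or author fields), bookmarks marked private are never uploaded, and every other path falls back to a local summary. The function names, the `consent` option, the `private` flag on a bookmark, the model name and the sample bookmark are assumptions made for this example; `fetchImpl` is injectable so the code runs offline and can be tested without touching the network.

```javascript
// Added example, not the skill's own code. Names below (summarizeBookmark,
// minimizeForUpload, buildLocalSummary, uploadAllowed, the `consent` option,
// the `private` flag on a bookmark, the model name) are assumptions.
const OPENAI_URL = 'https://api.openai.com/v1/chat/completions';

// Keep only scheme + host + path of an http(s) link. Query strings and
// fragments are where signed links, tracking ids and session tokens usually
// live, so they never leave the machine. Anything that is not an absolute
// http(s) URL is dropped instead of uploaded.
function minimizeUrl(raw) {
  let u;
  try {
    u = new URL(String(raw));
  } catch {
    return null;
  }
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
  return `${u.origin}${u.pathname}`;
}

// The only fields that may be sent: truncated tweet text and stripped links.
// No author, tweet id, bookmark id or timestamps.
function minimizeForUpload(bookmark, maxChars = 500) {
  return {
    text: String(bookmark.text || '').slice(0, maxChars),
    urls: (bookmark.urls || []).map(minimizeUrl).filter((u) => u !== null),
  };
}

// Offline fallback: the first `maxWords` words of the tweet text.
function buildLocalSummary(bookmark, maxWords = 20) {
  const words = String(bookmark.text || '').split(/\s+/).filter(Boolean);
  const head = words.slice(0, maxWords).join(' ');
  return words.length > maxWords ? `${head}...` : head;
}

// Consent gate: an API key alone is not consent. The caller must pass
// consent === true (for example from an explicit --allow-openai-upload flag,
// itself an assumption) and the bookmark must not be marked private.
function uploadAllowed({ apiKey, consent, bookmark }) {
  return Boolean(apiKey) && consent === true && bookmark.private !== true;
}

async function summarizeBookmark(bookmark, { apiKey, consent, fetchImpl = globalThis.fetch } = {}) {
  if (!uploadAllowed({ apiKey, consent, bookmark })) {
    return { source: 'local', summary: buildLocalSummary(bookmark), uploaded: null };
  }
  const payload = minimizeForUpload(bookmark);
  const body = {
    model: 'gpt-4o-mini', // assumption; any chat-completions model works here
    messages: [{
      role: 'user',
      content: `Summarize this bookmark in one sentence.\n${payload.text}\nLinks: ${payload.urls.join(' ')}`,
    }],
  };
  try {
    const res = await fetchImpl(OPENAI_URL, {
      method: 'POST',
      headers: { Authorization: `Bearer ${apiKey}`, 'Content-Type': 'application/json' },
      body: JSON.stringify(body),
    });
    if (!res.ok) throw new Error(`OpenAI returned HTTP ${res.status}`);
    const data = await res.json();
    const summary = (data.choices?.[0]?.message?.content || '').trim();
    return { source: 'openai', summary: summary || buildLocalSummary(bookmark), uploaded: payload };
  } catch (err) {
    // Network or API failure: degrade to the local summary, but record what was sent.
    return { source: 'local', summary: buildLocalSummary(bookmark), uploaded: payload, error: String(err) };
  }
}

// Constructed sample bookmark (not real data). With consent withheld the
// upload path is never taken, so this demo runs offline.
const SAMPLE_BOOKMARK = {
  text: 'Internal write-up on our auth migration, draft link inside',
  urls: ['https://docs.example.com/auth-migration?share=abc123#notes'],
  private: false,
};

summarizeBookmark(SAMPLE_BOOKMARK, { apiKey: 'sk-example', consent: false })
  .then((r) => console.log(r.source, '->', r.summary));
```

The point of `uploaded` in the return value is auditability: whatever actually left the machine is recorded alongside the summary, so the generated knowledge and state files can be reviewed for what was disclosed rather than reconstructed from memory.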

External Transmission

Severity: Medium
Category: Data Exfiltration
Confidence: 86%

Content (excerpt from the skill's source):

}`;

  try {
    const result = await fetch('https://api.openai.com/v1/chat/completions', {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${apiKey}`,

Finding: fetch('https://api.openai.com/v1/chat/completions', { method: 'POST'

External Transmission

Severity: Medium
Category: Data Exfiltration
Confidence: 86%

Content: the same excerpt as the previous finding (the fetch call to https://api.openai.com/v1/chat/completions), matched this time on the endpoint host.

Finding: https://api.openai.com/

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal