ClawHub

Publer

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed Publer integration for uploading media and publishing or scheduling social posts, with no evidence of hidden behavior or unauthorized data transfer.

Install only if you intend to let an agent use your Publer API key. Review account IDs, media paths, captions, privacy, and schedule before running live post commands, and prefer the dry-run option for anything important or ambiguous.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill requires environment secrets and network access to interact with the Publer API, but it does not declare corresponding permissions. This creates a transparency and governance gap: the agent may invoke a networked, credentialed action without explicit permission metadata, increasing the chance of unintended outbound actions or secret-backed operations.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger language is very broad and can match generic requests like 'publish to social media' or 'schedule a post,' which may cause the agent to select this skill in situations the user did not specifically intend to route through Publer. Because the skill performs real network actions using stored API credentials, over-selection increases the risk of unintended posting, scheduling, or data disclosure to a third-party service.

Missing User Warnings

Medium
Confidence
73% confidence
Finding
The upload function sends arbitrary local file contents to a remote third-party API with no built-in confirmation, path restrictions, or safeguards around sensitive files. In an agent context, this increases the chance of accidental exfiltration if an upstream prompt or workflow supplies unintended file paths.

Missing User Warnings

Medium
Confidence
75% confidence
Finding
The post function transmits user-provided text, media references, scheduling data, and account targeting to an external publishing service without any explicit consent or confirmation step. In an agent skill, this can cause unintended external publication or disclosure if invoked with mistaken or manipulated inputs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal