ClawHub
Back to skill

Security audit

Smarttable Weekly Check

Security checks across malware telemetry and agentic risk

Overview

The skill is purpose-aligned and disclosed, but it stores employee weekly-report data and a reusable browser login profile locally.

Install only if you are authorized to access and analyze the WeCom Smart Table reports. Keep the smartsheet_data folder and ~/.smarttable-check-browser profile private, delete them when no longer needed, and review the optional cron setup carefully before enabling automatic recurring checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill clearly performs networked actions via Puppeteer and internal API calls, but no declared permissions are documented. This creates a transparency and governance gap: operators may invoke a skill that can access internal resources, download browser binaries, and maintain authenticated sessions without explicit permission review.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill automates extraction of internal weekly-report data, stores it to local JSON/Markdown files, and preserves login state in a persistent browser profile, but does not present a clear privacy or data-handling warning. This is dangerous because it can silently collect employee work content and session artifacts, increasing the risk of unauthorized retention, local disclosure, and misuse of internal business data.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script collects structured employee weekly report data, including names and work/plan content, and persists it as plaintext JSON under a predictable local directory without any data-classification warning, access control, minimization, or retention protection. In the context of an enterprise reporting tool, this increases the risk of unauthorized local disclosure, accidental sharing, or over-retention of sensitive personnel and business information.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"version": "1.1.0",
  "description": "企业微信智能表格周报检查工具",
  "dependencies": {
    "puppeteer": "^24.0.0"
  }
}
Confidence
87% confidence
Finding
"puppeteer": "^24.0.0"

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal