OSINT Daily Brief

Security checks across malware telemetry and agentic risk

Overview

This is a documented OSINT reporting skill that uses disclosed public-source lookups, but users should limit it to authorized targets and handle external services carefully.

Install only for legitimate OSINT use on assets, clients, brands, or targets you are authorized to research. Review any cron or Telegram delivery before enabling it, and avoid sending sensitive target names or findings to Tavily, Shodan, or messaging services unless that disclosure is approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium (81% confidence)

Finding:
The note recommending Tor/Ahmia for dark-web mentions expands the skill beyond the declared core capability and nudges operators toward lower-visibility infrastructure without clear safeguards or necessity. In an OSINT skill that already supports broad target monitoring, this increases misuse potential and legal/compliance risk even if it is framed as passive research.

Vague Triggers

Medium (90% confidence)

Finding:
The skill is described as usable on virtually any domain, company, IP, person, or keyword, with no built-in scope checks or trigger constraints. That broad applicability materially increases the chance of unauthorized reconnaissance or intelligence collection against third parties, especially when combined with scheduled automation.

Missing User Warnings

Medium (95% confidence)

Finding:
The description does not clearly warn upfront that user-supplied targets and queries are transmitted to third-party services such as Tavily and Shodan. This creates a privacy and operational security risk because sensitive investigation targets may be exposed to external providers without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.
